Networks Not on Whitelist Has Instances
This bot identifies unapproved networks that contain instances. Use it to surface the risk of hosting instances in networks that lack the security policies and monitoring that approved networks have in place.
Recommended Action
Customize actions to generate alerts, e.g., via Slack or email, that use Jinja2 templating to report when an instance is spun up in an unapproved network and to include instance details such as cloud account, region, network, and instance owner. To take the action a step further, schedule an instance shutdown after a given period of time and notify the instance owner why the shutdown will occur.
Severity
Medium
Resource Types Inspected
Private Network
Reactive Hookpoints
resource.modified