• New Feature
    • Resolution: Unresolved
    • Blocker
    • ec2-plugin
    • None
    • Version 2.462.2.2
      Plugin Version 1688.v8c07e01d657f

      We have an internal requirement to create an AWS Service Control Policy (SCP) that blocks any instances with public IPs.

      The policy is as follows:

      { "key": "ec2:AssociatePublicIpAddress", "values": { "items": [ { "value": "true" } ] } }

      This policy prevents any creation of EC2s that are missing this field:

      The issue with the plugin arises when the "Associate Public IP" checkbox is not selected. In this case, it neither sends the network interface nor the associatePublicIpAddress field, relying entirely on the subnet configuration.

      The main requirement for this feature is to add the capability to override subnet configuration by including a checkbox labeled "Forbidden Public IP." This way, even if the associatePublicIpAddress option is unchecked, it can still send the networkInterfaceSet with all the necessary configurations.

      This feature will also be useful if the subnet has the Auto-assign public IPv4 address set to true, allowing you to create EC2s without a public IP.

          [JENKINS-75002] Allow blocking EC2 public IP

          There are no comments yet on this issue.
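The three request shapes discussed in the issue, as an added example (not the ec2-plugin's code): it builds RunInstances parameters using boto3-style key names and checks which shape carries an explicit `AssociatePublicIpAddress` of false. The mode names, the sample IDs and the `passes_guardrail` check are assumptions made for illustration; the check is a simplified model of the requirement described in the issue, not AWS policy evaluation.

```python
# Added illustration: RunInstances parameters (boto3-style names) for three
# public-IP modes. Mode names and sample IDs are constructed for this example.

def build_run_instances_params(subnet_id, security_group_ids, public_ip_mode):
    """public_ip_mode: 'associate', 'subnet-default' or 'forbid' (hypothetical names)."""
    params = {"ImageId": "ami-EXAMPLE", "InstanceType": "t3.micro",
              "MinCount": 1, "MaxCount": 1}
    if public_ip_mode == "subnet-default":
        # Behaviour described in the issue for the unchecked box: no network
        # interface is sent, so the subnet's auto-assign setting decides.
        params["SubnetId"] = subnet_id
        params["SecurityGroupIds"] = list(security_group_ids)
        return params
    if public_ip_mode not in ("associate", "forbid"):
        raise ValueError(f"unknown public_ip_mode: {public_ip_mode!r}")
    # With an explicit interface, subnet and security groups move into the
    # interface specification; EC2 rejects them at the top level as well.
    params["NetworkInterfaces"] = [{
        "DeviceIndex": 0,
        "SubnetId": subnet_id,
        "Groups": list(security_group_ids),
        "AssociatePublicIpAddress": public_ip_mode == "associate",
    }]
    return params


def explicit_public_ip_setting(params):
    """Return True/False if the request states the flag, None if it is absent."""
    for nic in params.get("NetworkInterfaces", []):
        if "AssociatePublicIpAddress" in nic:
            return nic["AssociatePublicIpAddress"]
    return None


def passes_guardrail(params):
    # Simplified model of the requirement in the issue: only a request that
    # explicitly sets the flag to false is acceptable; absent or true is not.
    return explicit_public_ip_setting(params) is False


if __name__ == "__main__":
    for mode in ("associate", "subnet-default", "forbid"):
        p = build_run_instances_params("subnet-EXAMPLE", ["sg-EXAMPLE"], mode)
        print(mode, explicit_public_ip_setting(p), passes_guardrail(p))
```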

            thoulen FABRIZIO MANFREDI
            nuno_pintocicd Nuno