aws-security-groups

Posted Apr 1, 2023

By sot001

1 min read

finding unused security groups

(ref: https://stackoverflow.com/questions/24685508/how-to-find-unused-amazon-ec2-security-groups)

First, get a list of all security groups

aws ec2 describe-security-groups --query 'SecurityGroups[*].GroupId' --output text | tr '\t' '\n'

Then get all security groups tied to an instance, then piped to sort then uniq:

aws ec2 describe-instances --query 'Reservations[*].Instances[*].SecurityGroups[*].GroupId' --output text | tr '\t' '\n' | sort | uniq

Then put it together and compare the 2 lists and see what’s not being used from the master list:

comm -23 <(aws ec2 describe-security-groups --query 'SecurityGroups[*].GroupId' --output text | tr '\t' '\n'| sort) <(aws ec2 describe-instances --query 'Reservations[*].Instances[*].SecurityGroups[*].GroupId' --output text | tr '\t' '\n' | sort | uniq)

aws-security-groups

aws-security-groups

This post is licensed under CC BY 4.0 by the author.

Recently Updated

Trending Tags

git ansible docker jekyll access adding-custom-filters-to-mythweb-recordings-page adding-password-to-ssh-key adding-swap-file apt-get arp

Contents

Trending Tags

git ansible docker jekyll access adding-custom-filters-to-mythweb-recordings-page adding-password-to-ssh-key adding-swap-file apt-get arp

A new version of content is available.