Un-attached security groups in AWS

LISTING UN-ATTACHED SECURITY GROUPS IN AWS CLOUD - FOR GARBAGE CLEANING PROCESS


1st Step

Get a list of all security groups.

aws ec2 describe-security-groups --query 'SecurityGroups[*].GroupId' --output text |tr '\t' '\n'

2nd Step

Then get all security groups tied to an instance, piped through sort and uniq to remove duplicates.

aws ec2 describe-instances --query 'Reservations[].Instances[].SecurityGroups[*].GroupId' --output text |tr '\t' '\n' | sort | uniq

3rd Step

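Then put it together: compare the two lists with comm -23, which prints the group IDs that appear only in the master list, that is, the groups not attached to any instance. Both inputs to comm must be sorted, and the <( ) process substitution requires bash.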

comm -23 <(aws ec2 describe-security-groups --query 'SecurityGroups[].GroupId' --output text |tr '\t' '\n'| sort) <(aws ec2 describe-instances --query 'Reservations[].Instances[].SecurityGroups[].GroupId' --output text |tr '\t' '\n' | sort | uniq)
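
An added example, not part of the original snippet: the same comparison wrapped in POSIX shell functions, extended beyond the three steps to also count groups attached to any network interface (via `aws ec2 describe-network-interfaces`), because groups used only by non-instance resources such as load balancers do not appear in `describe-instances`. The function names, file names and sample group IDs are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original snippet). Sample IDs are constructed.

# One group ID per line, sorted and de-duplicated (comm needs sorted input).
# The grep drops anything that is not a group ID, such as blank lines.
normalize() {
    tr '\t ' '\n\n' | grep -E '^sg-[0-9a-f]+$' | LC_ALL=C sort -u
}

# unused_groups ALL_FILE INUSE_FILE...
# Prints the IDs found in ALL_FILE but in none of the INUSE files.
unused_groups() {
    all=$1; shift
    tmp_all=$(mktemp) && tmp_used=$(mktemp) || return 1
    normalize < "$all" > "$tmp_all"
    cat "$@" | normalize > "$tmp_used"
    LC_ALL=C comm -23 "$tmp_all" "$tmp_used"
    rm -f "$tmp_all" "$tmp_used"
}

# collect_live DIR: fetch the lists with the AWS CLI (needs credentials;
# not called here). enis.txt covers groups on any network interface.
collect_live() {
    aws ec2 describe-security-groups \
        --query 'SecurityGroups[].GroupId' --output text > "$1/all.txt"
    aws ec2 describe-instances \
        --query 'Reservations[].Instances[].SecurityGroups[].GroupId' \
        --output text > "$1/instances.txt"
    aws ec2 describe-network-interfaces \
        --query 'NetworkInterfaces[].Groups[].GroupId' \
        --output text > "$1/enis.txt"
}

# Constructed data: sg-0ccc3333 is attached only to a non-instance interface.
demo() {
    d=$(mktemp -d) || return 1
    printf 'sg-0aaa1111\tsg-0bbb2222\tsg-0ccc3333\tsg-0ddd4444\n' > "$d/all.txt"
    printf 'sg-0bbb2222\tsg-0bbb2222\nsg-0aaa1111\n' > "$d/instances.txt"
    printf 'sg-0ccc3333\tsg-0aaa1111\n' > "$d/enis.txt"
    echo "instances only:"
    unused_groups "$d/all.txt" "$d/instances.txt"
    echo "instances + network interfaces:"
    unused_groups "$d/all.txt" "$d/instances.txt" "$d/enis.txt"
    rm -rf "$d"
}
demo
```

A group that this reports as unused can still be referenced by a rule in another security group, so review the list before deleting anything.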


Featured snippets are MIT license


DevOpsnipp.com © 2020
