Audit unused security group rules
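import boto3
from pprint import pprint

# Report which EC2 security groups in one region are attached to at least one
# network interface (ENI) and which are not.
#
# NOTE(review): "not in use" below means only "not attached to any ENI that
# this account can see in this region". A group in that list can still be
# referenced by another group's ingress/egress rules, or named in a launch
# template / launch configuration that currently has no running instances,
# and each VPC's default group cannot be deleted. Treat the output as a list
# of candidates to review, not as a list that is safe to delete.

client = boto3.client('ec2', region_name='us-west-2')

# Collect the IDs of every group attached to an ENI. Both describe calls are
# paginated, so walk every page: reading only the first response would drop
# any interfaces beyond it and misreport their groups as unused.
sgs_in_use = []       # first-seen order, as printed at the end
attached_ids = set()  # same IDs, for O(1) membership tests
eni_pages = client.get_paginator('describe_network_interfaces').paginate()
for page in eni_pages:
    for interface in page['NetworkInterfaces']:
        for group in interface['Groups']:
            group_id = group['GroupId']
            if group_id not in attached_ids:
                attached_ids.add(group_id)
                sgs_in_use.append(group_id)

# Every group that exists in the region but was not seen on any ENI.
sgs_not_in_use = []
sg_pages = client.get_paginator('describe_security_groups').paginate()
for page in sg_pages:
    for sg in page['SecurityGroups']:
        if sg['GroupId'] not in attached_ids:
            sgs_not_in_use.append(sg['GroupId'])

print('SGs not in use')
pprint(sgs_not_in_use)
print('SGs that are in use')
pprint(sgs_in_use)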
Example output:
SGs not in use
['sg-0a0ec96c',
'sg-334b4855',
'sg-47ccea21',
'sg-51380837',
'sg-60329f19',
'sg-63329f1a',
'sg-71aa2708',
'sg-79d57d1e',
'sg-b59b13cd',
'sg-d8e85da1',
'sg-dae85da3',
'sg-dde85da4',
'sg-e1e85d98',
'sg-e4e85d9d',
'sg-e7e85d9e',
'sg-e8e85d91',
'sg-eae85d93',
'sg-eee85d97',
'sg-f5e85d8c',
'sg-f9e85d80',
'sg-fae85d83',
'sg-fbe85d82',
'sg-fc9c1484',
'sg-fee85d87']
SGs that are in use
['sg-0e557b6b',
'sg-5ca28c39',
'sg-63547a06',
'sg-a05082c7',
'sg-5e7e8338',
'sg-6028fc07']
[Finished in 0.567s]