There is actually a simple way to see the associations.
https://aws.amazon.com/premiumsupport/knowledge-center/ec2-find-security-group-resources/
- Run the following command in the AWS CLI to find network interfaces associated with a security group based on the security group ID:
aws ec2 describe-network-interfaces --filters Name=group-id,Values=<group-id> --region <region> --output json
The output of this command shows the network interfaces associated with the security group.
- Review the output.
If the output is empty similar to this example, then there are no resources associated with the security group:
{ "NetworkInterfaces": [] }
If the output contains results, then use this command to find more information about the resources associated with the security group:
aws ec2 describe-network-interfaces --filters Name=group-id,Values=<group-id> --region <region> --output json --
You can also see this from the console: copy the security group ID of the security group that you're investigating.
In the navigation pane, choose Network Interfaces. Paste the security group ID in the search bar.
You can use AWS Firewall Manager to manage your security groups at scale, see this blog post.
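The JSON that the command above prints is verbose, and before deleting a group (or letting an automation do it) you usually want to know *what* is attached rather than just whether the list is empty. The following script is an added example, not part of the original answer or any AWS tooling: it reads the `describe-network-interfaces` output from stdin and reports, per network interface, whether it belongs to an EC2 instance, a load balancer, or another AWS-managed service, using the `Attachment.InstanceId`, `Attachment.InstanceOwnerId` and `Description` fields the API returns. The embedded sample output, the group ID `sg-0example0000000001` and the ENI/instance IDs are constructed placeholders, and the service classification is a best-effort heuristic on those fields.

```python
"""Summarise which resources use a security group, from the JSON printed by
aws ec2 describe-network-interfaces --filters Name=group-id,Values=<group-id> --output json

Added example; SAMPLE_OUTPUT below is constructed, not real API output."""
import json
import sys

# Constructed sample: a group attached to one EC2 instance and one load balancer.
SAMPLE_OUTPUT = json.dumps({
    "NetworkInterfaces": [
        {
            "NetworkInterfaceId": "eni-0aaaaaaaaaaaaaaa1",
            "Description": "",
            "InterfaceType": "interface",
            "Groups": [{"GroupId": "sg-0example0000000001", "GroupName": "web-sg"}],
            "Attachment": {"InstanceId": "i-0bbbbbbbbbbbbbbb1", "Status": "attached"},
            "PrivateIpAddress": "10.0.1.10",
        },
        {
            "NetworkInterfaceId": "eni-0aaaaaaaaaaaaaaa2",
            "Description": "ELB app/example-alb/0123456789abcdef",
            "InterfaceType": "interface",
            "Groups": [{"GroupId": "sg-0example0000000001", "GroupName": "web-sg"}],
            "Attachment": {"InstanceOwnerId": "amazon-elb", "Status": "attached"},
            "PrivateIpAddress": "10.0.1.20",
        },
    ]
})

# The "nothing uses this group" case shown in the answer above.
EMPTY_OUTPUT = '{ "NetworkInterfaces": [] }'


def classify(eni):
    """Best-effort label for what an ENI belongs to.

    Instance-attached ENIs carry Attachment.InstanceId; AWS-managed ENIs
    (load balancers, Lambda, RDS, ...) identify themselves through
    Attachment.InstanceOwnerId and/or the Description string instead."""
    attachment = eni.get("Attachment") or {}
    if attachment.get("InstanceId"):
        return "ec2-instance", attachment["InstanceId"]
    desc = eni.get("Description", "")
    owner = attachment.get("InstanceOwnerId", "")
    if desc.startswith("ELB ") or owner == "amazon-elb":
        return "load-balancer", desc
    if desc:
        return "other-service", desc
    return "unattached-or-unknown", eni.get("NetworkInterfaceId", "")


def summarize(output_json, group_id):
    """Return one record per network interface that carries group_id.

    An empty list is the {"NetworkInterfaces": []} case: no resource
    references the group."""
    data = json.loads(output_json)
    rows = []
    for eni in data.get("NetworkInterfaces", []):
        # The CLI filter already selected on group-id; re-check so a pasted
        # file from a different query cannot be misread.
        if not any(g.get("GroupId") == group_id for g in eni.get("Groups", [])):
            continue
        kind, ref = classify(eni)
        rows.append({"eni": eni["NetworkInterfaceId"], "kind": kind,
                     "ref": ref, "ip": eni.get("PrivateIpAddress")})
    return rows


def is_unused(output_json, group_id):
    """True when no network interface references the group."""
    return not summarize(output_json, group_id)


if __name__ == "__main__":
    # Usage (placeholder IDs):
    #   aws ec2 describe-network-interfaces --filters Name=group-id,Values=sg-... \
    #       --output json | python3 sg_usage.py sg-...
    # With no stdin, the constructed sample is used.
    gid = sys.argv[1] if len(sys.argv) > 1 else "sg-0example0000000001"
    text = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_OUTPUT
    for r in summarize(text, gid):
        print(f"{r['eni']}  {r['kind']:<22} {r['ref']}  {r['ip']}")
    if is_unused(text, gid):
        print(f"{gid}: no network interfaces reference this group")
```

Run it on the real CLI output before acting on a group: an ENI classified as `load-balancer` or `other-service` means the group is in use even though no EC2 instance shows up in the console's instance view, which is the case that an "unused group" cleanup most often gets wrong.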
Hi Sarah,
You could look into AWS Config rule: https://docs.aws.amazon.com/systems-manager-automation-runbooks/latest/userguide/automation-aws-delete-ec2-security-group.html
That rule will delete all unused Sec groups. Hope it helps!