Get AWS EC2 instances which have security groups (with more than 50 rules) attached, using a Cloud Custodian policy


I need to get EC2 instances which have security groups attached, and need to check whether those security groups have more than 50 rules.

I tried with the below policy, but I'm stuck in getting the sum of IpPermissions and IpPermissionsEgress.

policies:
  - name: ec2-instances-with-large-number-of-rules
    resource: ec2
    filters:
      # "and" is a list item holding a nested list of filters
      - and:
          # each filter measures the size of one list; no combined threshold yet
          - type: security-group
            key: IpPermissions[]
            value_type: size
          - type: security-group
            key: IpPermissionsEgress[]
            value_type: size

You can use jmespath functions in all custodian policies. I'm not sure if this would work with the security group filter on an EC2 instance.

I'd try:

policies:
  - name: security-groups-with-large-number-of-rules
    resource: ec2
    filters:
      - type: security-group
        # JMESPath: add the lengths of the flattened ingress and egress lists
        key: sum([length(IpPermissions[]), length(IpPermissionsEgress[])])
        value_type: integer
        value: 50
        op: gte

or attack it by identifying SGs with lots of rules using a similar pattern
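As an added example (not part of the question or the answer, and not Cloud Custodian's own code), the following Python computes the same quantity the answer's JMESPath expression `sum([length(IpPermissions[]), length(IpPermissionsEgress[])])` yields, over constructed security-group documents shaped like the output of describe-security-groups, and applies the `gte 50` check offline. It also goes beyond the page with a second counter: one IpPermission entry can hold several CIDR ranges, group pairs or prefix lists, and the AWS rules-per-security-group quota counts each of those separately, so a group with two entries can still carry 60 rules. The threshold, group ids and rule data are assumptions made up for the example.

```python
"""Count security-group rules two ways: as the answer's JMESPath expression
does (number of IpPermission entries) and as the AWS quota does (number of
individual ranges, group pairs and prefix lists). Added example; the sample
data below is constructed, not captured from a real account."""

THRESHOLD = 50  # the question's cut-off; the policy uses op: gte


def permission_entry_count(sg):
    """Mirror of length(IpPermissions[]) + length(IpPermissionsEgress[]):
    counts IpPermission entries, ingress plus egress."""
    return len(sg.get("IpPermissions", [])) + len(sg.get("IpPermissionsEgress", []))


def effective_rule_count(sg):
    """Rules as the AWS quota counts them: every CIDR, IPv6 range, group pair
    and prefix list inside an entry is one rule. Goes beyond the page."""
    total = 0
    for entry in sg.get("IpPermissions", []) + sg.get("IpPermissionsEgress", []):
        total += (len(entry.get("IpRanges", []))
                  + len(entry.get("Ipv6Ranges", []))
                  + len(entry.get("UserIdGroupPairs", []))
                  + len(entry.get("PrefixListIds", [])))
    return total


def oversized_groups(groups, threshold=THRESHOLD, counter=permission_entry_count):
    """GroupIds whose count is >= threshold (same comparison as op: gte)."""
    return [sg["GroupId"] for sg in groups if counter(sg) >= threshold]


def make_entry(port, cidrs):
    """Build one constructed IpPermission entry (sample data, not real)."""
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": c} for c in cidrs]}


# Constructed sample groups (hypothetical ids) with three different shapes.
SAMPLE_GROUPS = [
    {"GroupId": "sg-small",  # 1 ingress + 1 egress entry
     "IpPermissions": [make_entry(443, ["10.0.0.0/8"])],
     "IpPermissionsEgress": [make_entry(443, ["0.0.0.0/0"])]},
    {"GroupId": "sg-many-entries",  # 30 ingress + 25 egress entries, one CIDR each
     "IpPermissions": [make_entry(p, ["10.0.0.0/8"]) for p in range(8000, 8030)],
     "IpPermissionsEgress": [make_entry(p, ["10.0.0.0/8"]) for p in range(9000, 9025)]},
    {"GroupId": "sg-few-entries-many-cidrs",  # 2 entries, but 60 CIDR rules
     "IpPermissions": [make_entry(22, [f"10.1.{i}.0/24" for i in range(30)])],
     "IpPermissionsEgress": [make_entry(22, [f"10.2.{i}.0/24" for i in range(30)])]},
]

if __name__ == "__main__":
    print("by entry count (the JMESPath expression):", oversized_groups(SAMPLE_GROUPS))
    print("by effective rule count:",
          oversized_groups(SAMPLE_GROUPS, counter=effective_rule_count))
```

The third sample group is the case to keep in mind: the policy's expression reports it as having 2 "rules" even though it carries 60 CIDR rules, so a policy that is meant to track the AWS quota needs a key that descends into IpRanges and the other per-entry lists rather than counting entries.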