How to find Unused Security Groups of all AWS Security Groups?

2.4k Views Asked by anoop-khandelwal At 24 April 2025 at 19:16

How to find all the used security groups attached with all the aws resources using Boto?
Currently the following script which is giving only ec2 instances-

     sec_grps = ec2_conn.get_all_security_groups()  
     for group in sec_grps:   
         print group, " Instances attached ", group.instances()

Is there any way to get all security groups which are unused by all aws resources?

Original Q&A

There are 2 best solutions below

John Rotenstein On 18 June 2015 at 09:14 BEST ANSWER

This is a slightly difficult request because Security Groups are used by many different resources, including:

Amazon EC2 instances
Amazon RDS instances
VPC Elastic Network Interfaces (ENIs)
Amazon Redshift clusters
Amazon ElastiCache clusters
Amazon Elastic MapReduce clusters
Amazon Workspaces
...and most probably other services, too

To obtain a list of unused Security Groups, you would need to query all the above services to discover which ones are "in use".

Alternatively, you could just try to delete them -- an error is generated if you try to delete a Security Group that is in-use. (But please test this method before deleting important Security Groups!)

Prakash Vegiraju On 29 April 2022 at 18:21

Manual Process: copy the security group id

go to network interface in ec2 console and paste SG Here in n/w interface see whether attached any ENI

How to find Unused Security Groups of all AWS Security Groups?

There are 2 best solutions below

Related Questions in PYTHON-2.7

Related Questions in AMAZON-WEB-SERVICES

Related Questions in AMAZON-EC2

Related Questions in AMAZON-S3

Related Questions in BOTO

Trending Questions

Popular # Hahtags

Popular Questions