AWS Security Groups IP CIDR

Here's how to search for AWS security groups whose egress rules reference a given IP CIDR (10.8.8.8/32 in the examples below).

aws ec2 describe-security-groups \
--filters Name=egress.ip-permission.cidr,Values='10.8.8.8/32' \
--query "SecurityGroups[*].{Name:GroupName}" \
--output text \
--profile default \
--region us-east-1

To narrow the search to a port, add the from-port and to-port filters as well:

aws ec2 describe-security-groups \
--filters Name=egress.ip-permission.cidr,Values='10.8.8.8/32' \
          Name=egress.ip-permission.from-port,Values='22' \
          Name=egress.ip-permission.to-port,Values='22' \
--query "SecurityGroups[*].{Name:GroupName}" \
--output text \
--profile default \
--region us-east-1

The --query expression limits the output to the name of each matching security group.

Deleting AWS Security Groups

Every once in a while you may need to do some cleanup and maintenance in AWS, and security groups are one area where it pays off. One way to check whether a security group is in use is the AWS Console, where you can filter security groups by instance. That alone is not enough, though: security groups are also attached to RDS databases and to load balancers. Overall, be extra careful not to delete a security group that is still in use. Fortunately, AWS will warn you if you try to delete a security group that is still in use, a safety feature that can save you from real headaches.
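The two CLI searches above and the "is it still in use?" question from this section, worked through as an added example that is not part of the original post: it post-processes JSON captured from `aws ec2 describe-security-groups --output json` and `aws ec2 describe-network-interfaces --output json` (constructed samples are embedded), reproduces the exact-CIDR and port filters, goes one step further with a `covering` option that also finds broader rules such as 10.8.8.0/24 or 0.0.0.0/0 that the exact filter misses, and lists groups attached to no network interface and referenced by no other group, which covers EC2, RDS and load balancers alike. Group IDs, names and ENI IDs are made up.

```python
import ipaddress
import json

# Constructed sample of describe-security-groups output, abridged to the fields used.
SG_JSON = """{"SecurityGroups": [
  {"GroupId": "sg-0aaa", "GroupName": "bastion-egress", "IpPermissionsEgress": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "10.8.8.8/32"}]}]},
  {"GroupId": "sg-0bbb", "GroupName": "wide-egress", "IpPermissionsEgress": [
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
  {"GroupId": "sg-0ccc", "GroupName": "orphaned", "IpPermissionsEgress": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "10.8.8.0/24"}]}]}]}"""

# Constructed sample of describe-network-interfaces output. EC2 instances, RDS and
# load balancers all attach ENIs, so the ENIs' Groups list every group actually in use.
ENI_JSON = """{"NetworkInterfaces": [
  {"NetworkInterfaceId": "eni-0001", "Groups": [{"GroupId": "sg-0aaa"}]},
  {"NetworkInterfaceId": "eni-0002", "Description": "RDSNetworkInterface", "Groups": [{"GroupId": "sg-0bbb"}]}]}"""

def cidr_hit(rule_cidr, wanted, covering):
    """Exact string match (what the CLI filter does) or, with covering=True, any IPv4
    rule whose range contains `wanted`. Only IPv4 IpRanges are read, so no mixed versions."""
    if rule_cidr == wanted:
        return True
    return covering and ipaddress.ip_network(rule_cidr).supernet_of(ipaddress.ip_network(wanted))

def rule_matches(rule, cidr, port, covering):
    """Egress rule references `cidr` and, if a port is given, allows it. IpProtocol "-1"
    (all traffic) carries no FromPort/ToPort and allows every port; ICMP uses -1/-1."""
    if not any(cidr_hit(r["CidrIp"], cidr, covering) for r in rule.get("IpRanges", [])):
        return False
    if port is None or rule["IpProtocol"] == "-1":
        return True
    return rule.get("FromPort", -1) <= port <= rule.get("ToPort", -1)

def groups_for_cidr(sg_output, cidr, port=None, covering=False):
    """Sorted names of groups with an outbound rule for `cidr` (the egress.* filters above)."""
    groups = json.loads(sg_output)["SecurityGroups"]
    return sorted(g["GroupName"] for g in groups
                  if any(rule_matches(r, cidr, port, covering) for r in g.get("IpPermissionsEgress", [])))

def unused_groups(sg_output, eni_output):
    """Groups attached to no ENI and referenced by no other group's rules: the only ones
    DeleteSecurityGroup accepts; anything else fails with DependencyViolation."""
    groups = json.loads(sg_output)["SecurityGroups"]
    in_use = {g["GroupId"] for eni in json.loads(eni_output)["NetworkInterfaces"] for g in eni["Groups"]}
    for g in groups:
        for rule in g.get("IpPermissions", []) + g.get("IpPermissionsEgress", []):
            in_use.update(p["GroupId"] for p in rule.get("UserIdGroupPairs", []))
    return sorted(g["GroupName"] for g in groups if g["GroupId"] not in in_use)
```

Against the samples, the exact search finds only bastion-egress, the covering search for port 443 also surfaces orphaned and wide-egress, and orphaned is the one group with nothing attached.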