AWS Security Groups IP Cidr

Here’s how to find AWS security groups that have an egress rule for a given IP CIDR.

aws ec2 describe-security-groups \
--filters Name=egress.ip-permission.cidr,Values='10.8.8.8/32' \
--query "SecurityGroups[*].{Name:GroupName}" \
--output text \
--profile default \
--region us-east-1

To narrow the search to a port, add the from-port and to-port filters.

aws ec2 describe-security-groups \
--filters Name=egress.ip-permission.cidr,Values='10.8.8.8/32' \
         Name=egress.ip-permission.from-port,Values='22' \
         Name=egress.ip-permission.to-port,Values='22' \
--query "SecurityGroups[*].{Name:GroupName}" \
--output text \
--profile default \
--region us-east-1

The --query expression limits the output to the security group name.
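The cidr filter compares the CIDR value as written in the rule, so a group that reaches 10.8.8.8 through a wider range such as 0.0.0.0/0 is not returned. The following added example (not from the original post) goes beyond the exact-match search and checks containment per egress rule on the JSON from `aws ec2 describe-security-groups --output json`. The sample document, the group names, and the function names are constructed for illustration, and only IPv4 ranges (IpRanges) are checked.

```python
import ipaddress
import json

# Constructed sample shaped like `aws ec2 describe-security-groups --output json`.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupName": "exact-ssh", "IpPermissionsEgress": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "10.8.8.8/32"}]}]},
  {"GroupName": "wide-open", "IpPermissionsEgress": [
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
  {"GroupName": "subnet-range", "IpPermissionsEgress": [
    {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 1024,
     "IpRanges": [{"CidrIp": "10.8.0.0/16"}]}]},
  {"GroupName": "https-only", "IpPermissionsEgress": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "10.8.8.8/32"}]}]}
]}
""")

def rule_covers(rule, target, port, protocol="tcp"):
    """Return the rule's CIDR that contains `target` on `port`, else None."""
    proto = rule.get("IpProtocol")
    if proto != "-1":  # "-1" means all protocols and all ports
        if proto != protocol:
            return None
        if not (rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)):
            return None
    for ip_range in rule.get("IpRanges", []):
        net = ipaddress.ip_network(ip_range["CidrIp"], strict=False)
        if target.subnet_of(net):
            return ip_range["CidrIp"]
    return None

def groups_allowing_egress(doc, cidr, port, protocol="tcp"):
    """List (group name, matching rule CIDR) for groups whose egress covers cidr:port."""
    target = ipaddress.ip_network(cidr, strict=False)
    hits = []
    for sg in doc.get("SecurityGroups", []):
        for rule in sg.get("IpPermissionsEgress", []):
            matched = rule_covers(rule, target, port, protocol)
            if matched:
                hits.append((sg["GroupName"], matched))
                break  # one matching rule per group is enough
    return hits

if __name__ == "__main__":
    for name, matched_cidr in groups_allowing_egress(SAMPLE, "10.8.8.8/32", 22):
        print(f"{name}\t{matched_cidr}")
```

To audit a real account, replace SAMPLE with the parsed JSON output of the describe-security-groups call, run without the --filters and --query options.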

Migrate EFS to another VPC

Migrating an EFS from one VPC to another is quite simple. There’s no need to delete it. Just click on “manage file systems access”, remove all mount targets, and save. Once the targets are removed, you can choose another VPC from the dropdown. Once a VPC is selected, add the subnets and security groups. Save and you are done!

GCP Change VPC of Instance

The following steps change the network of an instance from one VPC to another. They assume you want to keep the same server name but need to make a network change. Unfortunately, changing networks requires creating a new instance.

  1. Keep track of all the disks.
  2. Keep all disks including boot.
  3. Stop the instance.
  4. Create an image of the boot drive. Wait for it to complete.
  5. Create a similar instance, but do not execute.
  6. Make the network changes. Save the GCloud CLI command.
  7. Delete the instance.
  8. Run the saved command from step 4. This creates a new instance.
  9. Stop the instance.
  10. Detach the boot disk.
  11. Attach all the other disks.
  12. Boot the instance.

AWS Transit VPCs

If you have multiple VPCs located in geographically diverse regions, you can connect them together using a new service called Transit VPCs. It’s a logically isolated VPC which can act as a bridge for launching and transferring data between regions. It can work as a global transit center between other VPCs within your organization. Learn more by reading about it in the AWS announcement.