Sep 17, 2018

Check which resources a given AWS security group is associated with

Security groups are associated with network interfaces, so to check which resources a given security group is associated with, list the network interfaces that use it. You can do this with either of the options below:


(A) Using the AWS Console
    1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/ and navigate to the ca-central-1 (Canada) region.
    2. In the navigation pane, choose "Network Interfaces".
    3. Click on the search box, and select "Security group name".
    4. Then select a security group to filter the network interfaces. Once the filter has been applied, you can identify the resources by their "Description" or "Instance ID".

If you are only looking for EC2 instances, you can follow the steps above but choose "Instances" instead of "Network Interfaces" in step 2. The difference is that "Instances" displays only EC2 instances, whereas "Network Interfaces" also displays resources in other services such as RDS instances, Elastic Load Balancer (ELB), Elastic Beanstalk (EB), etc. (even though "Network Interfaces" sits under the /ec2 path in the console).

(B) Using the AWS CLI
    - If you would like to filter by security group ID, run the following command:
        aws ec2 describe-network-interfaces --filters Name=group-id,Values=sg-xxxxxxxx
   
    - If you would like to filter by security group name, run the following command:
        aws ec2 describe-network-interfaces --filters Name=group-name,Values=my-security-group-name
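
As an added example (not part of the original post), the Python script below reads the JSON printed by the describe-network-interfaces command and groups the interfaces that carry a given security group by the resource behind them, the same reading of "Description" and "Instance ID" that option (A) does by eye. The description values it matches ("ELB ...", "RDSNetworkInterface") are assumptions based on commonly seen values, and the function names and sample data are constructed for illustration.

```python
import json
import sys

# Constructed sample shaped like the CLI's JSON output; all IDs are made up.
SAMPLE = json.dumps({"NetworkInterfaces": [
    {"NetworkInterfaceId": "eni-01", "Status": "in-use", "Description": "",
     "Groups": [{"GroupId": "sg-0aaa1111"}],
     "Attachment": {"InstanceId": "i-0123456789abcdef0"}},
    {"NetworkInterfaceId": "eni-02", "Status": "in-use",
     "Description": "ELB app/web/50dc6c495c0c9188",
     "Groups": [{"GroupId": "sg-0aaa1111"}],
     "Attachment": {"InstanceOwnerId": "amazon-elb"}},
    {"NetworkInterfaceId": "eni-03", "Status": "in-use",
     "Description": "RDSNetworkInterface",
     "Groups": [{"GroupId": "sg-0aaa1111"}, {"GroupId": "sg-0bbb2222"}],
     "Attachment": {"InstanceOwnerId": "amazon-rds"}},
    {"NetworkInterfaceId": "eni-04", "Status": "available", "Description": "",
     "Groups": [{"GroupId": "sg-0bbb2222"}]},
]})

def classify(eni):
    """Heuristically name the resource behind one network interface."""
    att = eni.get("Attachment") or {}
    desc = eni.get("Description", "")
    if att.get("InstanceId"):
        return "EC2 instance", att["InstanceId"]
    if desc.startswith("ELB "):          # assumption: load balancer ENIs
        return "Load balancer", desc[4:]
    if desc == "RDSNetworkInterface":    # assumption: RDS-managed ENIs
        return "RDS", desc
    if eni.get("Status") == "available":
        return "Unattached ENI", eni["NetworkInterfaceId"]
    return "Other", desc or eni["NetworkInterfaceId"]

def resources_using(group_id, cli_json):
    """Return sorted (kind, resource, eni_id) for ENIs that carry group_id."""
    rows = []
    for eni in json.loads(cli_json).get("NetworkInterfaces", []):
        if any(g.get("GroupId") == group_id for g in eni.get("Groups", [])):
            kind, res = classify(eni)
            rows.append((kind, res, eni["NetworkInterfaceId"]))
    return sorted(rows)

if __name__ == "__main__":
    # aws ec2 describe-network-interfaces --output json | python3 this.py sg-xxxxxxxx
    raw = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    gid = sys.argv[1] if len(sys.argv) > 1 else "sg-0aaa1111"
    for row in resources_using(gid, raw):
        print("\t".join(row))
```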