How to find all the resources attached to an AWS Security Group

Question

I found a security group with all traffic allowed from 0.0.0.0 and I want to know all the resources that are using this security group.

Is there any AWS CLI command for this or should I go through each resource to see if this security group is attached?

Answer 1

Score: 3

Method 1: Use the AWS Management Console

Select the region in which your resources are located.

  1. Open the Amazon EC2 console.
  2. In the navigation pane, choose Security Groups.
  3. Copy the security group ID of the security group that you're investigating.
  4. In the navigation pane, choose Network Interfaces.
  5. Paste the security group ID in the search bar.

Search results show the network interfaces associated with the security group. Check the description of the network interface to determine the resource that's associated with the security group. For example, ELB app/example-alb/1234567890abcdef indicates that an Application Load Balancer with the name example-alb is using this security group.

Method 2: Use the AWS CLI

aws ec2 describe-network-interfaces --filters Name=group-id,Values=<group-id> --region <region> --output json

If the output is empty, then there are no resources attached, for example:

{
    "NetworkInterfaces": []
}

If you see information in the output, then run this:

aws ec2 describe-network-interfaces \
  --filters Name=group-id,Values=<group-id> \
  --region <region> --output json \
  --query "NetworkInterfaces[*].[NetworkInterfaceId,Description,PrivateIpAddress,VpcId]"
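
Added example (not part of the original answer): a Python sketch that takes the JSON printed by the describe-network-interfaces command above and groups the network interfaces by the resource that owns them, so one load balancer with several interfaces is reported once. The sample JSON is constructed, the function names are hypothetical, and only the "ELB app/..." description format quoted in the answer is parsed; anything else is kept verbatim for manual review.

```python
import json
import re
from collections import defaultdict

# Constructed sample shaped like `aws ec2 describe-network-interfaces --output json`;
# IDs are made up and only the fields used below are included.
SAMPLE = """{"NetworkInterfaces": [
 {"NetworkInterfaceId": "eni-0aaa", "Description": "",
  "Attachment": {"InstanceId": "i-0abc", "Status": "attached"}},
 {"NetworkInterfaceId": "eni-0bbb", "Attachment": {"Status": "attached"},
  "Description": "ELB app/example-alb/1234567890abcdef"},
 {"NetworkInterfaceId": "eni-0ccc", "Attachment": {"Status": "attached"},
  "Description": "ELB app/example-alb/1234567890abcdef"},
 {"NetworkInterfaceId": "eni-0ddd", "Description": "spare interface"}
]}"""

ALB_DESC = re.compile(r"^ELB app/([^/]+)/")  # description format quoted in the answer


def owner_of(eni):
    """Return (kind, name) for the resource that owns one network interface."""
    instance_id = eni.get("Attachment", {}).get("InstanceId")
    if instance_id:
        return ("ec2-instance", instance_id)
    desc = eni.get("Description", "")
    match = ALB_DESC.match(desc)
    if match:
        return ("application-load-balancer", match.group(1))
    if "Attachment" not in eni:  # assumption: no Attachment block means not attached
        return ("unattached-interface", eni["NetworkInterfaceId"])
    # Unrecognised service-managed interface: keep the description for manual review.
    return ("other", desc or eni["NetworkInterfaceId"])


def resources_using_group(cli_json):
    """Group ENI IDs by owning resource; an empty dict means nothing is attached."""
    owners = defaultdict(list)
    for eni in json.loads(cli_json).get("NetworkInterfaces", []):
        owners[owner_of(eni)].append(eni["NetworkInterfaceId"])
    return dict(owners)


if __name__ == "__main__":
    for (kind, name), enis in sorted(resources_using_group(SAMPLE).items()):
        print(f"{kind:28} {name:20} {', '.join(enis)}")
```

To use it on real data, pass the full JSON output of the first command (without --query) to resources_using_group instead of SAMPLE.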

huangapple
  • Posted on April 10, 2023, 18:38:41
  • When reposting, please keep the link to this article: https://go.coder-hub.com/75976356.html