Security Group Inbound rules list using aws cli
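#!/usr/bin/env bash
#
# Read-only audit: for every region returned by describe-regions, print the
# inbound rules (IpPermissions) of each security group attached to a running
# EC2 instance.
#
# Coverage caveats for anyone using the output as evidence:
#   * Only instances in the "running" state are inspected. Security groups
#     attached solely to stopped instances or to non-EC2 resources are not
#     listed.
#   * describe-regions is called without --all-regions, so regions that are
#     not enabled for the account are not visited.
#   * Only inbound rules are printed; outbound rules (IpPermissionsEgress) are
#     out of scope.
#
# The caller needs ec2:DescribeRegions, ec2:DescribeInstances and
# ec2:DescribeSecurityGroups; no write permission is required.
#
# Environment (optional):
#   GROUP_PAUSE   seconds to wait after each security group (default 5)
#   REGION_PAUSE  seconds to wait after each region (default 2)
#
# Exit status: 0 when every lookup succeeded, 1 when any AWS call failed, so
# that a partially completed audit is not mistaken for a clean one.

readonly GROUP_PAUSE="${GROUP_PAUSE:-5}"
readonly REGION_PAUSE="${REGION_PAUSE:-2}"

# One row per instance: "<instance-id><TAB><Name tag>". The CLI prints "None"
# in the second column when an instance has no Name tag.
readonly INSTANCE_QUERY="Reservations[*].Instances[*].[InstanceId, Tags[?Key=='Name'].Value|[0]]"

failed=0

if ! regions_out=$(aws ec2 describe-regions \
    --query "Regions[].{Name:RegionName}" --output text); then
  printf 'ERROR: could not list regions (check credentials and ec2:DescribeRegions)\n' >&2
  exit 1
fi
# read returns non-zero at end of input with -d ''; that is expected here.
read -r -d '' -a regions <<<"$regions_out" || true

for region in "${regions[@]}"; do
  # A single describe-instances call per region. The instance ID and its Name
  # tag are read from the same row, so each instance is reported exactly once
  # and always under its own name.
  if ! instances_out=$(aws ec2 describe-instances --region "$region" \
      --filters "Name=instance-state-name,Values=running" \
      --query "$INSTANCE_QUERY" --output text); then
    # A failed call (denied, throttled, network) must not be reported as
    # "no instances": the region was simply not audited.
    printf 'WARNING: describe-instances failed in %s; region NOT audited\n' "$region" >&2
    failed=1
  elif [[ -z "$instances_out" ]]; then
    printf 'There are no EC2 Instances in the region :: %s\n' "$region"
  else
    echo "++++++++++++++++++++++++++++++++++++++++++++++++++++"
    printf 'Checking Amazon Instances on the region %s\n' "$region"
    echo "++++++++++++++++++++++++++++++++++++++++++++++++++++"

    # Rows are fed on fd 3 so that commands inside the loop cannot consume
    # them from stdin. Name tags may contain spaces, hence the tab-only IFS.
    while IFS=$'\t' read -r -u 3 instance instance_name; do
      [[ -n "$instance" ]] || continue

      printf 'Checking the instance %s with the instance ID %s\n' \
        "$instance_name" "$instance"
      echo "========================================="

      if ! groups_out=$(aws ec2 describe-instances --region "$region" \
          --instance-ids "$instance" \
          --query 'Reservations[*].Instances[*].SecurityGroups[*].GroupId' \
          --output text); then
        printf 'WARNING: could not read security groups of %s in %s\n' \
          "$instance" "$region" >&2
        failed=1
        continue
      fi
      s=()
      read -r -d '' -a s <<<"$groups_out" || true

      for s_group in "${s[@]}"; do
        if ! aws ec2 describe-security-groups --region "$region" \
            --group-ids "$s_group" \
            --query 'SecurityGroups[*].IpPermissions[]' --output text; then
          printf 'WARNING: could not read rules of %s in %s\n' \
            "$s_group" "$region" >&2
          failed=1
        fi
        echo "+++++++++++++++++++++++++++++++++++"
        # Pause between groups to stay clear of API request throttling.
        sleep "$GROUP_PAUSE"
      done
    done 3<<<"$instances_out"
  fi
  sleep "$REGION_PAUSE"
done

exit "$failed"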