Revisions
-
Tibin George renamed this gist
Jul 25, 2017 . 1 changed file with 0 additions and 0 deletions.
File renamed without changes. -
Tibin George revised this gist
Jul 25, 2017 . 1 changed file with 0 additions and 8 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -59,14 +59,6 @@ def lookup_by_id(sgid): for j in i['SecurityGroups']: if j not in security_groups_in_use: security_groups_in_use.append(j) delete_candidates = [] for group in all_groups: -
Tibin George revised this gist
Jul 25, 2017 . 1 changed file with 4 additions and 14 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -15,8 +15,8 @@ def lookup_by_id(sgid): # parse arguments parser = argparse.ArgumentParser(description="Show unused security groups") parser.add_argument("-r", "--region", type=str, default="ap-southeast-1", help="The default region is ap-southeast-1. The list of available regions are as follows: %s" % sorted( region_list)) parser.add_argument("-d", "--delete", help="delete security groups from AWS", action="store_true") args = parser.parse_args() @@ -67,15 +67,7 @@ def lookup_by_id(sgid): for j in i['SecurityGroups']: if j not in security_groups_in_use: security_groups_in_use.append(j) delete_candidates = [] for group in all_groups: if group not in security_groups_in_use: @@ -102,9 +94,7 @@ def lookup_by_id(sgid): print(u"Total number of Security Groups evaluated: {0:d}".format(len(all_groups))) print(u"Total number of EC2 Instances evaluated: {0:d}".format(len(reservations))) print(u"Total number of Load Balancers evaluated: {0:d}".format(len(elb_dict['LoadBalancerDescriptions']))) print(u"Total number of Network Interfaces evaluated: {0:d}".format(len(eni_dict['NetworkInterfaces']))) print(u"Total number of Security Groups in-use evaluated: {0:d}".format(len(security_groups_in_use))) if args.delete: -
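Review bot: The hard-coded default of `ap-southeast-1` in the first hunk means a run with `-d` and no `-r` deletes groups in whichever region this fork picked, which may not be the one the operator is working in. Consider defaulting to the caller's configured region, `default=boto3.session.Session().region_name`, or refusing `--delete` unless `--region` was given explicitly. After this revision the report no longer prints RDS or ALB counts, so usage by those services appears to be detected only through their network interfaces; a short comment saying so would help the next reader.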
Tom Ryan revised this gist
Jun 30, 2017 . 1 changed file with 0 additions and 9 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,9 +0,0 @@ -
Tom Ryan revised this gist
Jun 19, 2017 . 1 changed file with 2 additions and 2 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -2,8 +2,8 @@ Usage: Evaluate all sec groups in a region: security-group-cleanup.py -r region Evaluate and delete all unused sec groups in a region: security-group-cleanup.py -r region -d -
Tom Ryan revised this gist
Jun 19, 2017 . 1 changed file with 2 additions and 0 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,7 +1,9 @@ Usage: Evaluate all sec groups in a region: security-group-cleanup.py -r <region> Evaluate and delete all unused sec groups in a region: security-group-cleanup.py -r <region> -d -
Tom Ryan revised this gist
Jun 19, 2017 . 1 changed file with 2 additions and 0 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,5 +1,7 @@ Usage: Evaluate all sec groups in a region: security-group-cleanup.py -r <region> Evaluate and delete all unused sec groups in a region: security-group-cleanup.py -r <region> -d -
Tom Ryan revised this gist
Jun 19, 2017 . 1 changed file with 1 addition and 1 deletion.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -2,4 +2,4 @@ Usage: Evaluate all sec groups in a region: security-group-cleanup.py -r <region> Evaluate and delete all unused sec groups in a region: security-group-cleanup.py -r <region> -d -
Tom Ryan revised this gist
Jun 19, 2017 . No changes.
-
Tom Ryan revised this gist
Jun 19, 2017 . No changes.
-
Tom Ryan renamed this gist
Jun 19, 2017 . 1 changed file with 0 additions and 0 deletions.
File renamed without changes. -
Tom Ryan revised this gist
Jun 19, 2017 . 1 changed file with 5 additions and 0 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,5 @@ Usage: Evaluate all sec groups in a region: security-group-cleanup.py -r <region> Evaluate and delete all unused sec groups in a region: security-group-cleanup.py -r <region> -d -
Tom Ryan revised this gist
Jun 19, 2017 . 1 changed file with 10 additions and 8 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -42,13 +42,15 @@ def lookup_by_id(sgid): for j in i['Instances']: for k in j['SecurityGroups']: if k['GroupId'] not in security_groups_in_use: security_groups_in_use.append(k['GroupId']) # Security Groups in use by Network Interfaces eni_client = boto3.client('ec2', region_name=args.region) eni_dict = eni_client.describe_network_interfaces() for i in eni_dict['NetworkInterfaces']: for j in i['Groups']: if j['GroupId'] not in security_groups_in_use: security_groups_in_use.append(j['GroupId']) # Security groups used by classic ELBs elb_client = boto3.client('elb', region_name=args.region) @@ -103,7 +105,7 @@ def lookup_by_id(sgid): print(u"Total number of Load Balancers evaluated: {0:d}".format(len(elb_dict['LoadBalancerDescriptions']) + len(elb2_dict['LoadBalancers']))) print(u"Total number of RDS Instances evaluated: {0:d}".format(len(rds_dict['DBInstances']))) print(u"Total number of Network Interfaces evaluated: {0:d}".format(len(eni_dict['NetworkInterfaces']))) print(u"Total number of Security Groups in-use evaluated: {0:d}".format(len(security_groups_in_use))) if args.delete: print(u"Total number of Unused Security Groups deleted: {0:d}".format(len(delete_candidates))) -
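Review bot: `eni_client.describe_network_interfaces()` in the first hunk is read as a single response, so if the API returns the result in pages, interfaces past the first page never reach `security_groups_in_use` and their groups are listed as unused. Iterating `eni_client.get_paginator('describe_network_interfaces').paginate()` and accumulating `NetworkInterfaces` would close that gap; the same applies to the `describe_load_balancers()` call that follows in the context lines. If the script's existing EC2 `client` is already bound to `args.region`, it could be reused instead of creating `eni_client`.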
Tom Ryan revised this gist
Jun 16, 2017 . 1 changed file with 2 additions and 2 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -29,7 +29,7 @@ def lookup_by_id(sgid): security_groups_dict = client.describe_security_groups() security_groups = security_groups_dict['SecurityGroups'] for groupobj in security_groups: if groupobj['GroupName'] == 'default' or groupobj['GroupName'].startswith('d-') or groupobj['GroupName'].startswith('AWS-OpsWorks-'): security_groups_in_use.append(groupobj['GroupId']) all_groups.append(groupobj['GroupId']) @@ -76,7 +76,7 @@ def lookup_by_id(sgid): delete_candidates = [] for group in all_groups: if group not in security_groups_in_use: delete_candidates.append(group) if args.delete: -
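Review bot: The `d-` and `AWS-OpsWorks-` prefixes in the first hunk have no comment saying which services own those groups, and `d-` is short enough to match unrelated, user-named groups, which would then always be treated as in use and never reported. A comment such as `# service-managed groups (presumably Directory Service 'd-...' and OpsWorks); never delete` would record the intent. The test also reads more simply as `groupobj['GroupName'].startswith(('d-', 'AWS-OpsWorks-'))`.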
Tom Ryan revised this gist
Jun 13, 2017 . 1 changed file with 0 additions and 10 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -73,16 +73,6 @@ def lookup_by_id(sgid): for j in i['VpcSecurityGroups']: if j['VpcSecurityGroupId'] not in security_groups_in_use: security_groups_in_use.append(j['VpcSecurityGroupId']) delete_candidates = [] for group in all_groups: -
Tom Ryan revised this gist
Jun 13, 2017 . 1 changed file with 2 additions and 1 deletion.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -108,12 +108,13 @@ def lookup_by_id(sgid): print("Activity Report") print("---------------") print(u"Total number of Security Groups evaluated: {0:d}".format(len(all_groups))) print(u"Total number of EC2 Instances evaluated: {0:d}".format(len(reservations))) print(u"Total number of Load Balancers evaluated: {0:d}".format(len(elb_dict['LoadBalancerDescriptions']) + len(elb2_dict['LoadBalancers']))) print(u"Total number of RDS Instances evaluated: {0:d}".format(len(rds_dict['DBInstances']))) print(u"Total number of Network Interfaces evaluated: {0:d}".format(network_interface_count)) print(u"Total number of Security Groups in-use evaluated: {0:d}".format(len(security_groups_in_use))) if args.delete: print(u"Total number of Unused Security Groups deleted: {0:d}".format(len(delete_candidates))) else: -
Tom Ryan revised this gist
Jun 6, 2017 . 1 changed file with 3 additions and 3 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -108,16 +108,16 @@ def lookup_by_id(sgid): print("Activity Report") print("---------------") print(u"Total number of Security Groups in-use evaluated: {0:d}".format(len(security_groups_in_use))) print(u"Total number of EC2 Instances evaluated: {0:d}".format(len(reservations))) print(u"Total number of Load Balancers evaluated: {0:d}".format(len(elb_dict['LoadBalancerDescriptions']) + len(elb2_dict['LoadBalancers']))) print(u"Total number of RDS Instances evaluated: {0:d}".format(len(rds_dict['DBInstances']))) print(u"Total number of Network Interfaces evaluated: {0:d}".format(network_interface_count)) if args.delete: print(u"Total number of Unused Security Groups deleted: {0:d}".format(len(delete_candidates))) else: print(u"Total number of Unused Security Groups targeted for removal: {0:d}".format(len(delete_candidates))) # For each security group in the total list, if not in the "used" list, flag for deletion # If running with a "--delete" flag, delete the ones flagged. -
Tom Ryan revised this gist
Jun 6, 2017 . 1 changed file with 2 additions and 2 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -115,9 +115,9 @@ def lookup_by_id(sgid): print(u"Total number of RDS Instances evaluated: {0:d}".format(len(rds_dict['DBInstances']))) print(u"Total number of Network Interfaces evaluated: {0:d}".format(network_interface_count)) if args.delete: print(u"Total number of unused security groups deleted: {0:d}".format(len(delete_candidates))) else: print(u"Total number of unused security groups targeted for removal: {0:d}".format(len(delete_candidates))) # For each security group in the total list, if not in the "used" list, flag for deletion # If running with a "--delete" flag, delete the ones flagged. -
Tom Ryan revised this gist
Jun 6, 2017 . 1 changed file with 1 addition and 1 deletion.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -108,7 +108,7 @@ def lookup_by_id(sgid): print("Activity Report") print("---------------") print(u"Total number of Security Groups in use evaluated: {0:d}".format(len(security_groups_in_use))) print(u"Total number of EC2 Instances evaluated: {0:d}".format(len(reservations))) print(u"Total number of Load Balancers evaluated: {0:d}".format(len(elb_dict['LoadBalancerDescriptions']) + len(elb2_dict['LoadBalancers']))) -
Tom Ryan revised this gist
Jun 6, 2017 . 1 changed file with 1 addition and 1 deletion.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -112,7 +112,7 @@ def lookup_by_id(sgid): print(u"Total number of EC2 Instances evaluated: {0:d}".format(len(reservations))) print(u"Total number of Load Balancers evaluated: {0:d}".format(len(elb_dict['LoadBalancerDescriptions']) + len(elb2_dict['LoadBalancers']))) print(u"Total number of RDS Instances evaluated: {0:d}".format(len(rds_dict['DBInstances']))) print(u"Total number of Network Interfaces evaluated: {0:d}".format(network_interface_count)) if args.delete: print(u"Total number of security groups deleted: {0:d}".format(len(delete_candidates))) -
Tom Ryan revised this gist
Jun 6, 2017 . No changes.
-
Tom Ryan revised this gist
Jun 6, 2017 . 1 changed file with 1 addition and 1 deletion.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -72,7 +72,7 @@ def lookup_by_id(sgid): for i in rds_dict['DBInstances']: for j in i['VpcSecurityGroups']: if j['VpcSecurityGroupId'] not in security_groups_in_use: security_groups_in_use.append(j['VpcSecurityGroupId']) ## Security groups used by VPCs -
Tom Ryan revised this gist
Jun 6, 2017 . 1 changed file with 7 additions and 6 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -68,12 +68,12 @@ def lookup_by_id(sgid): # Security groups used by RDS rds_client = boto3.client('rds', region_name=args.region) rds_dict = rds_client.describe_db_instances() for i in rds_dict['DBInstances']: for j in i['VpcSecurityGroups']: if j['VpcSecurityGroupId'] not in security_groups_in_use: security_groups_in_use.append(j) ## Security groups used by VPCs #vpc_dict = client.describe_vpcs() @@ -112,6 +112,7 @@ def lookup_by_id(sgid): print(u"Total number of EC2 Instances evaluated: {0:d}".format(len(reservations))) print(u"Total number of Load Balancers evaluated: {0:d}".format(len(elb_dict['LoadBalancerDescriptions']) + len(elb2_dict['LoadBalancers']))) print(u"Total number of RDS Instances evaluated: {0:d}".format(len(rds_dict))) print(u"Total number of Network Interfaces evaluated: {0:d}".format(network_interface_count)) if args.delete: print(u"Total number of security groups deleted: {0:d}".format(len(delete_candidates))) -
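Review bot: `rds_client.describe_db_instances()` is called once and the response marker is never followed, and RDS returns at most 100 records per call by default, so instances beyond the first page are not examined. `rds_client.get_paginator('describe_db_instances')` would cover the full set. In the same hunk the membership test uses `j['VpcSecurityGroupId']` but `append(j)` stores the whole dict, so the later comparison against the group IDs in `all_groups` cannot match; `security_groups_in_use.append(j['VpcSecurityGroupId'])` keeps the list homogeneous. The new report line prints `len(rds_dict)`, which counts the keys of the response rather than the instances.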
lingmann revised this gist
Mar 10, 2017 . 1 changed file with 8 additions and 8 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -75,14 +75,14 @@ def lookup_by_id(sgid): if j not in security_groups_in_use: security_groups_in_use.append(j) ## Security groups used by VPCs #vpc_dict = client.describe_vpcs() #for i in vpc_dict['Vpcs']: # vpc_id = i['VpcId'] # vpc = ec2.Vpc(vpc_id) # for s in vpc.security_groups.all(): # if s.group_id not in security_groups_in_use: # security_groups_in_use.append(s.group_id) delete_candidates = [] for group in all_groups: -
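Review bot: The VPC block is disabled by commenting it out, with nothing recording why. Since `vpc.security_groups.all()` yields every group in the VPC, the loop presumably marked all groups as in use and left nothing to report; either delete the block or head it with a line like `# disabled: vpc.security_groups.all() returns every group in the VPC, so nothing was ever flagged`.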
pet0ruk revised this gist
Dec 5, 2016 . 1 changed file with 5 additions and 4 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -21,7 +21,8 @@ def lookup_by_id(sgid): parser.add_argument("-d", "--delete", help="delete security groups from AWS", action="store_true") args = parser.parse_args() client = boto3.client('ec2', region_name=args.region) ec2 = boto3.resource('ec2', region_name=args.region) all_groups = [] security_groups_in_use = [] # Get ALL security groups names @@ -50,23 +51,23 @@ def lookup_by_id(sgid): security_groups_in_use.append(n['GroupId']) # Security groups used by classic ELBs elb_client = boto3.client('elb', region_name=args.region) elb_dict = elb_client.describe_load_balancers() for i in elb_dict['LoadBalancerDescriptions']: for j in i['SecurityGroups']: if j not in security_groups_in_use: security_groups_in_use.append(j) # Security groups used by ALBs elb2_client = boto3.client('elbv2', region_name=args.region) elb2_dict = elb2_client.describe_load_balancers() for i in elb2_dict['LoadBalancers']: for j in i['SecurityGroups']: if j not in security_groups_in_use: security_groups_in_use.append(j) # Security groups used by RDS rds_client = boto3.client('rds', region_name=args.region) rds_dict = rds_client.describe_db_security_groups() for i in rds_dict['DBSecurityGroups']: -
sa-jbrooks revised this gist
Oct 3, 2016 . 1 changed file with 98 additions and 79 deletions.
@@ -1,102 +1,121 @@ #!/usr/bin/env python import boto3 import argparse def lookup_by_id(sgid): sg = ec2.get_all_security_groups(group_ids=sgid) return sg[0].name # get a full list of the available regions client = boto3.client('ec2') regions_dict = client.describe_regions() region_list = [region['RegionName'] for region in regions_dict['Regions']] # parse arguments parser = argparse.ArgumentParser(description="Show unused security groups") parser.add_argument("-r", "--region", type=str, default="us-east-1", help="The default region is us-east-1. The list of available regions are as follows: %s" % sorted( region_list)) parser.add_argument("-d", "--delete", help="delete security groups from AWS", action="store_true") args = parser.parse_args() ec2 = boto3.resource('ec2') all_groups = [] security_groups_in_use = [] # Get ALL security groups names security_groups_dict = client.describe_security_groups() security_groups = security_groups_dict['SecurityGroups'] for groupobj in security_groups: if groupobj['GroupName'] == 'default': security_groups_in_use.append(groupobj['GroupId']) all_groups.append(groupobj['GroupId']) # Get all security groups used by instances instances_dict = client.describe_instances() reservations = instances_dict['Reservations'] network_interface_count = 0 for i in reservations: for j in i['Instances']: for k in j['SecurityGroups']: if k['GroupId'] not in security_groups_in_use: security_groups_in_use.append(k['GroupId']) # Security groups used by network interfaces for m in j['NetworkInterfaces']: network_interface_count += 1 for n in m['Groups']: if n['GroupId'] not in security_groups_in_use: security_groups_in_use.append(n['GroupId']) # Security groups used by classic ELBs elb_client = boto3.client('elb') elb_dict = elb_client.describe_load_balancers() for i in elb_dict['LoadBalancerDescriptions']: for j in i['SecurityGroups']: if j not in security_groups_in_use: security_groups_in_use.append(j) # Security groups used by ALBs elb2_client = 
boto3.client('elbv2') elb2_dict = elb2_client.describe_load_balancers() for i in elb2_dict['LoadBalancers']: for j in i['SecurityGroups']: if j not in security_groups_in_use: security_groups_in_use.append(j) # Security groups used by RDS rds_client = boto3.client('rds') rds_dict = rds_client.describe_db_security_groups() for i in rds_dict['DBSecurityGroups']: for j in i['EC2SecurityGroups']: if j not in security_groups_in_use: security_groups_in_use.append(j) # Security groups used by VPCs vpc_dict = client.describe_vpcs() for i in vpc_dict['Vpcs']: vpc_id = i['VpcId'] vpc = ec2.Vpc(vpc_id) for s in vpc.security_groups.all(): if s.group_id not in security_groups_in_use: security_groups_in_use.append(s.group_id) delete_candidates = [] for group in all_groups: if group not in security_groups_in_use and not group.startswith('AWS-OpsWorks-'): delete_candidates.append(group) if args.delete: print("We will now delete security groups identified to not be in use.") for group in delete_candidates: security_group = ec2.SecurityGroup(group) try: security_group.delete() except Exception as e: print(e) print("{0} requires manual remediation.".format(security_group.group_name)) else: print("The list of security groups to be removed is below.") print("Run this again with `-d` to remove them") for group in sorted(delete_candidates): print(" " + group) print("---------------") print("Activity Report") print("---------------") print(u"Total number of Security Groups evaluated: {0:d}".format(len(security_groups_in_use))) print(u"Total number of EC2 Instances evaluated: {0:d}".format(len(reservations))) print(u"Total number of Load Balancers evaluated: {0:d}".format(len(elb_dict['LoadBalancerDescriptions']) + len(elb2_dict['LoadBalancers']))) print(u"Total number of Network Interfaces evaluated: {0:d}".format(network_interface_count)) if args.delete: print(u"Total number of security groups deleted: {0:d}".format(len(delete_candidates))) else: print(u"Total number of security groups 
targeted for removal: {0:d}".format(len(delete_candidates))) # For each security group in the total list, if not in the "used" list, flag for deletion # If running with a "--delete" flag, delete the ones flagged. -
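Review bot: The report prints `len(delete_candidates)` as the number of groups deleted, but the `try`/`except Exception` in the delete loop swallows every failure, so the figure overstates what was removed whenever AWS refuses a deletion. Record successes, for example an `else:` branch on the `try` doing `deleted.append(group)`, and print `len(deleted)` instead. `lookup_by_id` still calls the boto 2 method `ec2.get_all_security_groups` although `ec2` is now a boto3 resource, and `args.region` is parsed but none of the clients are created with it, so `-r` appears to have no effect in this revision. The `startswith('AWS-OpsWorks-')` test is applied to entries of `all_groups`, which now holds group IDs rather than names and so will not carry that prefix.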
dritten revised this gist
Aug 22, 2014 . 1 changed file with 21 additions and 21 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,13 +1,13 @@ #!/usr/bin/env python import sys import boto import boto.ec2 import boto.ec2.elb import boto.rds import pprint import argparse def lookup_by_id(sgid): sg = ec2.get_all_security_groups(group_ids=sgid) return sg[0].name @@ -21,33 +21,32 @@ def lookup_by_id(sgid): counter=0 regions = boto.ec2.regions() for i in regions: #print regions[counter].name region_list.append(str(regions[counter].name)) counter=counter+1 parser = argparse.ArgumentParser(description="Show unused security groups") parser.add_argument("-r", "--region", type=str, default="us-east-1", help="The default region is us-east-1. The list of available regions are as follows: %s" % sorted(region_list)) parser.add_argument("-d", "--delete", help="delete security groups from AWS") args = parser.parse_args() pp = pprint.PrettyPrinter(indent=4) ec2 = boto.ec2.connect_to_region(args.region, aws_access_key_id=ACCESS_KEY, aws_secret_access_key=SECRET_KEY) allgroups = [] # Get ALL security groups names groups = ec2.get_all_security_groups() for groupobj in groups: allgroups.append(groupobj.name) # Get all instances security groups groups_in_use = ['default'] reservations = ec2.get_all_instances() for r in reservations: for ec2_group_list in r.groups: if ec2_group_list.name not in groups_in_use: groups_in_use.append(ec2_group_list.name) elb = boto.ec2.elb.connect_to_region(args.region, aws_access_key_id=ACCESS_KEY, aws_secret_access_key=SECRET_KEY) load_balancers = elb.get_all_load_balancers() 
@@ -73,7 +72,7 @@ def lookup_by_id(sgid): for group in allgroups: if group not in groups_in_use and not group.startswith('AWS-OpsWorks-'): delete_candidates.append(group) if args.delete: print "We will now delete security groups identified to not be in use." for group in delete_candidates: @@ -89,14 +88,15 @@ def lookup_by_id(sgid): print "Activity Report" print "---------------" print "Total number of Security Groups evaluated: %d" % (len(groups_in_use)) print "Total number of EC2 Instances evaluated: %d" % (len(reservations)) print "Total number of Load Balancers evaluated: %d" % (len(load_balancers)) print "Total number of RDS instances evaluated: %d" % (len(dbs)) print "Total number of Network Interfaces evaluated: %d" % (len(enis)) if args.delete: print "Total number of security groups deleted: %d" % (len(delete_candidates)) else: print "Total number of security groups targeted for removal: %d" % (len(delete_candidates)) # For each security group in the total list, if not in the "used" list, flag for deletion # If running with a "--delete" flag, delete the ones flagged. -
dritten revised this gist
Aug 21, 2014 . 1 changed file with 73 additions and 26 deletions.
@@ -2,54 +2,101 @@ import sys import boto import boto.ec2 import boto.ec2.elb import boto.rds import pprint import argparse def lookup_by_id(sgid): sg = ec2.get_all_security_groups(group_ids=sgid) return sg[0].name # set credentials #ACCESS_KEY="<ACCESS_KEY>" #SECRET_KEY="<SECRET_KEY>" #get a full list of the available regions region_list=[] counter=0 regions = boto.ec2.regions() for i in regions: #print regions[counter].name region_list.append(str(regions[counter].name)) counter=counter+1 parser = argparse.ArgumentParser(description="Show unused security groups") parser.add_argument("-r", "--region", type=str, default="us-east-1", help="The default region is us-east-1. The list of available regions are as follows: %s" % sorted(region_list)) parser.add_argument("-d", "--delete", help="delete security groups from AWS") args = parser.parse_args() pp = pprint.PrettyPrinter(indent=4) ec2 = boto.ec2.connect_to_region(args.region, aws_access_key_id=ACCESS_KEY, aws_secret_access_key=SECRET_KEY) # Get ALL security groups names allgroups = [] groups = ec2.get_all_security_groups() for groupobj in groups: allgroups.append(groupobj.name) # Get all instances security groups groups_in_use = ['default'] reservations = ec2.get_all_instances() for r in reservations: for ec2_group_list in r.groups: if ec2_group_list.name not in groups_in_use: groups_in_use.append(ec2_group_list.name) elb = boto.ec2.elb.connect_to_region(args.region, aws_access_key_id=ACCESS_KEY, aws_secret_access_key=SECRET_KEY) load_balancers = elb.get_all_load_balancers() for load_balancer in load_balancers: if load_balancer.source_security_group.name not in groups_in_use: groups_in_use.append(load_balancer.source_security_group.name) rds = boto.rds.connect_to_region(args.region, aws_access_key_id=ACCESS_KEY, aws_secret_access_key=SECRET_KEY) dbs = rds.get_all_dbinstances() for db in dbs: if len(db.vpc_security_groups) > 0: sg_name = lookup_by_id(db.vpc_security_groups[0].vpc_group) if sg_name not in 
groups_in_use: groups_in_use.append(sg_name) enis = ec2.get_all_network_interfaces() for eni in enis: for eni_grp in eni.groups: if eni_grp.name not in groups_in_use: groups_in_use.append(eni_grp.name) delete_candidates = [] for group in allgroups: if group not in groups_in_use and not group.startswith('AWS-OpsWorks-'): delete_candidates.append(group) if args.delete: print "We will now delete security groups identified to not be in use." for group in delete_candidates: ec2.delete_security_group(group) else: print "The list of security groups to be removed is below." print "Run this again with `-d` to remove them" #pp.pprint(sorted(delete_candidates)) for group in sorted(delete_candidates): print " " + group print "---------------" print "Activity Report" print "---------------" print "Total of number of EC2 Instances evaluated %d" % (len(reservations)) print "Total of number of Load Balancers evaluated %d" % (len(load_balancers)) print "Total of number of RDS instances evaluated %d" % (len(dbs)) print "Total of number of Network Interfaces evaluated %d" % (len(enis)) if args.delete: print "Total of number of security groupsa deleted: %d" % (len(delete_candidates)) else: print "Total of number of security groups targeted for removal: %d" % (len(delete_candidates)) # For each security group in the total list, if not in the "used" list, flag for deletion # If running with a "--delete" flag, delete the ones flagged. -
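Review bot: `ACCESS_KEY` and `SECRET_KEY` are still passed to every `connect_to_region` call although their assignments are now commented out, so the script raises `NameError` unless someone re-adds keys to the source. Dropping the two keyword arguments, `ec2 = boto.ec2.connect_to_region(args.region)`, lets boto resolve credentials from the environment, its config file or an instance role and keeps long-lived keys out of the file. `--delete` is declared without `action="store_true"`, so `-d` expects a value. The RDS loop only looks at `db.vpc_security_groups[0]`, so any further groups on an instance are not counted as in use.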
miketheman created this gist
May 7, 2012 .
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,55 @@ #!/usr/bin/env python import sys import boto import pprint del_flag = '' if len(sys.argv) > 1: del_flag = sys.argv[1] pp = pprint.PrettyPrinter(indent=4) # set credentials ACCESS_KEY="<access key>" SECRET_KEY="<security key>" ec2 = boto.connect_ec2(ACCESS_KEY, SECRET_KEY) allgroups = [] # Get ALL security groups names groups = ec2.get_all_security_groups() for groupobj in groups: allgroups.append(groupobj.name) # pp.pprint(sorted(allgroups)) # Get [running|stopped] instances security groups groups_in_use = [] for state in ['running','stopped']: reservations = ec2.get_all_instances(filters={'instance-state-name': state}) for r in reservations: for inst in r.instances: if inst.groups[0].name not in groups_in_use: groups_in_use.append(inst.groups[0].name) delete_candidates = [] for group in allgroups: if group not in groups_in_use: delete_candidates.append(group) if del_flag == '--delete': print "We will now delete security groups identified to not be in use." for group in delete_candidates: ec2.delete_security_group(group) print "We have deleted %d groups." % (len(delete_candidates)) else: print "The list of security groups to be removed is below." print "Run this again with `--delete` to remove them" pp.pprint(sorted(delete_candidates)) print "Total of %d groups targeted for removal." % (len(delete_candidates)) # For each security group in the total list, if not in the "used" list, flag for deletion # If running with a "--delete" flag, delete the ones flagged.
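Review bot: Only `inst.groups[0]` is recorded for each instance, so a group attached as an instance's second or later group is classified as unused and handed to `ec2.delete_security_group`. Iterate all of them: `for g in inst.groups:` followed by `if g.name not in groups_in_use: groups_in_use.append(g.name)`. The delete loop has no error handling, so the first refusal from EC2 aborts the run before the summary is printed. The `ACCESS_KEY`/`SECRET_KEY` placeholders invite pasting credentials into the script; boto can read them from the environment or its config file instead.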