Cloud/AWS

[AWS/CLI] describe-security-groups

dhyuck 2021. 11. 15. 23:04
반응형

Describes the specified security groups or all of your security groups.

  • 모든 보안그룹 상세정보 조회

      aws ec2 describe-security-groups --profile {PROFILE_NAME}
  • vpc-id로 필터링

      aws ec2 describe-security-groups --profile {PROFILE_NAME} \
      --filters "Name=vpc-id, Values=vpc-00000000000000000"
  • VPC별 보안그룹에서 SSH(TCP 22) 룰이 있는 보안그룹 조회

      aws ec2 describe-security-groups --profile {PROFILE_NAME} \
      --filters "Name=vpc-id, Values=vpc-00000000000000000" "Name=ip-permission.protocol, Values=tcp" "Name=ip-permission.from-port, Values=22" "Name=ip-permission.to-port, Values=22" 
  • VPC별 보안그룹의 id 조회

      aws ec2 describe-security-groups --profile {PROFILE_NAME} \
      --filters "Name=vpc-id, Values=vpc-00000000000000000" \
      --query "SecurityGroups[*].GroupId"
  • VPC별 보안그룹의 이름과 IP Permissions 조회

      aws ec2 describe-security-groups --profile {PROFILE_NAME} \
      --filters "Name=vpc-id, Values=vpc-00000000000000000" \
      --query "SecurityGroups[*].{Name:GroupName, IP_Permissions:IpPermissions}"
  • 모든 보안 그룹의 Name과 IP Permissions에서 FromPort와 ToPort 조회

      aws ec2 describe-security-groups --profile {PROFILE_NAME} \
      --query "SecurityGroups[*].{Name:GroupName, IP_Permissions:IpPermissions[*].{From_Port:FromPort, To_Port:ToPort}}"
  • 모든 보안그룹의 Name과 IP Permissions에서 FromPort, ToPort, Cidr 조회

      aws ec2 describe-security-groups --profile {PROFILE_NAME} \
      --query "SecurityGroups[*].{Name:GroupName, IP_Permissions:IpPermissions[*].{From_Port:FromPort, To_Port:ToPort, IpRanges:IpRanges[*].CidrIp}}"
  • 모든 보안 그룹의 Name과 IP Permissions에서 FromPort, ToPort, Cidr, UserIdGroupPairs 조회

      aws ec2 describe-security-groups --profile {PROFILE_NAME} \
      --query "SecurityGroups[*].{Name:GroupName, IP_Permissions:IpPermissions[*].{From_Port:FromPort, To_Port:ToPort, IpRanges:IpRanges[*].CidrIp, UserIdGroupPairs:UserIdGroupPairs[*].Description}}"

반응형

'Cloud > AWS' 카테고리의 다른 글

[AWS] CodeBuild  (0) 2022.04.27
[AWS] CodeCommit  (0) 2022.04.12
[AWS/CLI] start-instances / stop-instances  (0) 2021.10.27
[AWS/CLI] create-route  (0) 2021.10.27
[AWS/CLI] authorize-security-group-ingress  (0) 2021.10.20