Security Group is used to allow or deny requests coming in (ingress) and/or requests going out (egress). For example, a Security Group could be used to only allow requests within a certain IP address range to come in (ingress) and go out (egress) of an EC2 Instance.

​

This assumes you have already configured the aws command line tool. If not, check out my article on Getting Started with the AWS CLI.

The aws ec2 describe-security-group-rules command can be used to list the inbound and outbound rules associated with your EC2 security groups.

aws ec2 describe-security-groups

Something like this should be returned.

]$ aws ec2 describe-security-group-rules
{
    "SecurityGroupRules": [
        {
            "SecurityGroupRuleId": "sgr-05ee7f82c0ae7578f",
            "GroupId": "sg-0778124087b3d14d4",
            "GroupOwnerId": "123456789012",
            "IsEgress": false,
            "IpProtocol": "tcp",
            "FromPort": 22,
            "ToPort": 22,
            "CidrIpv4": "0.0.0.0/0",
            "Description": "Allow SSH",
            "Tags": []
        }
    ]
}

The aws ec2 revoke-security-group-ingress command can be used to delete your Inbound / Ingress EC2 security group rules.

aws ec2 revoke-security-group-ingress --group-id sg-0778124087b3d14d4 --protocol tcp --port 22 --cidr 0.0.0.0/0