Amazon Web Services (AWS) - List Security Groups using the AWS CLI

by Jeremy Canfield | Updated: August 08 2023 | Amazon Web Services (AWS) articles
A Security Group is used to allow or deny requests coming in (ingress) and/or requests going out (egress). For example, a Security Group could be used to only allow requests within a certain IP address range to come in (ingress) and go out (egress) of an EC2 Instance.
This assumes you have already configured the aws command line tool. If not, check out my article on Getting Started with the AWS CLI.
The aws ec2 describe-security-groups command can be used to list your EC2 security groups.
aws ec2 describe-security-groups
The --filters option can be used to only return Security Groups matching a certain name.
aws ec2 describe-security-groups --filters Name=group-name,Values=my-security-group
And here is an example of how to limit the output using the --query option.
aws ec2 describe-security-groups --query 'SecurityGroups[?GroupName==`default`]'
Something like this should be returned.
{
    "SecurityGroups": [
        {
            "Description": "My security group",
            "IpPermissions": [
                {
                    "FromPort": 22,
                    "IpProtocol": "tcp",
                    "IpRanges": [
                        {
                            "CidrIp": "0.0.0.0/0",
                            "Description": "SSH"
                        }
                    ],
                    "Ipv6Ranges": [],
                    "PrefixListIds": [],
                    "ToPort": 22,
                    "UserIdGroupPairs": []
                }
            ],
            "IpPermissionsEgress": [
                {
                    "IpProtocol": "-1",
                    "IpRanges": [
                        {
                            "CidrIp": "0.0.0.0/0"
                        }
                    ],
                    "UserIdGroupPairs": [],
                    "PrefixListIds": []
                }
            ],
            "Tags": [
                {
                    "Value": "my Security Group",
                    "Key": "Name"
                }
            ],
            "GroupName": "my-security-group",
            "VpcId": "vpc-1a2b34aa",
            "OwnerId": "123456789012",
            "GroupId": "sg-0c3296123415abcd1"
        }
    ]
}
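The sample output above contains an ingress rule that allows SSH (port 22) from 0.0.0.0/0, which is the kind of rule worth reviewing. The following Python script is an added example, not part of the original article: it goes one step beyond listing by reading the JSON from aws ec2 describe-security-groups and reporting every ingress rule open to any address. The function name world_open_ingress and the second and third sample rules are assumptions constructed for illustration.

```python
import json
import sys

# Constructed sample in the shape returned by `aws ec2 describe-security-groups`.
# The first rule is the one shown in the article; the other two are made up.
SAMPLE = {"SecurityGroups": [{
    "GroupName": "my-security-group",
    "GroupId": "sg-0c3296123415abcd1",
    "IpPermissions": [
        {"FromPort": 22, "ToPort": 22, "IpProtocol": "tcp",
         "IpRanges": [{"CidrIp": "0.0.0.0/0", "Description": "SSH"}],
         "Ipv6Ranges": []},
        {"FromPort": 443, "ToPort": 443, "IpProtocol": "tcp",
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
         "Ipv6Ranges": []},
    ],
}]}

WORLD = {"0.0.0.0/0", "::/0"}  # any IPv4 source / any IPv6 source


def world_open_ingress(doc):
    """Return (GroupId, protocol, ports, cidr) for each ingress rule open to any address."""
    findings = []
    for group in doc.get("SecurityGroups", []):
        for perm in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            proto = perm["IpProtocol"]
            # IpProtocol "-1" means all protocols; FromPort/ToPort are then absent.
            if proto == "-1":
                ports = "all"
            else:
                lo, hi = perm.get("FromPort"), perm.get("ToPort")
                ports = str(lo) if lo == hi else f"{lo}-{hi}"
            for cidr in cidrs:
                if cidr in WORLD:
                    findings.append((group["GroupId"], proto, ports, cidr))
    return findings


if __name__ == "__main__":
    # Usage: aws ec2 describe-security-groups | python3 <this file>
    doc = SAMPLE if sys.stdin.isatty() else json.load(sys.stdin)
    for finding in world_open_ingress(doc):
        print(*finding, sep="\t")
```

Run without piped input, the script audits the embedded sample; the 10.0.0.0/8 source on port 443 is not reported because it is a private range, while the ::/0 source on the same rule is.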