Amazon Web Services (AWS) - Delete Security Group Rules using the AWS CLI

by Jeremy Canfield | Updated: August 03 2023
A Security Group is used to allow or deny requests coming in (ingress) and/or requests going out (egress). For example, a Security Group could be used to only allow requests within a certain IP address range to come in (ingress) and go out (egress) of an EC2 Instance.
This assumes you have already configured the aws command line tool. If not, check out my article on Getting Started with the AWS CLI.
The aws ec2 describe-security-group-rules command can be used to list the inbound and outbound rules associated with your EC2 security groups.
aws ec2 describe-security-group-rules
Something like this should be returned.
]$ aws ec2 describe-security-group-rules
{
    "SecurityGroupRules": [
        {
            "SecurityGroupRuleId": "sgr-05ee7f82c0ae7578f",
            "GroupId": "sg-0778124087b3d14d4",
            "GroupOwnerId": "123456789012",
            "IsEgress": false,
            "IpProtocol": "tcp",
            "FromPort": 22,
            "ToPort": 22,
            "CidrIpv4": "0.0.0.0/0",
            "Description": "Allow SSH",
            "Tags": []
        }
    ]
}
The aws ec2 revoke-security-group-ingress command can be used to delete your Inbound / Ingress EC2 security group rules.
aws ec2 revoke-security-group-ingress --group-id sg-0778124087b3d14d4 --protocol tcp --port 22 --cidr 0.0.0.0/0
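The following is an added example, not code from the original article: it takes output in the shape returned by describe-security-group-rules, picks the ingress rules that expose a port to any address, and builds a revoke command for each one by rule ID (--security-group-rule-ids) with --dry-run. The function names are hypothetical, and every sample rule after the first (which is the one shown above) is constructed.

```python
import json
import shlex

# Sample in the shape of `aws ec2 describe-security-group-rules` output.
# First rule is the one shown in the article; the other three are constructed.
SAMPLE = json.loads("""
{"SecurityGroupRules": [
  {"SecurityGroupRuleId": "sgr-05ee7f82c0ae7578f", "GroupId": "sg-0778124087b3d14d4",
   "IsEgress": false, "IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
   "CidrIpv4": "0.0.0.0/0", "Description": "Allow SSH"},
  {"SecurityGroupRuleId": "sgr-0aaaaaaaaaaaaaaa2", "GroupId": "sg-0778124087b3d14d4",
   "IsEgress": false, "IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
   "CidrIpv4": "10.0.0.0/8", "Description": "SSH from internal range"},
  {"SecurityGroupRuleId": "sgr-0aaaaaaaaaaaaaaa3", "GroupId": "sg-0778124087b3d14d4",
   "IsEgress": false, "IpProtocol": "-1", "FromPort": -1, "ToPort": -1,
   "CidrIpv6": "::/0", "Description": "All traffic over IPv6"},
  {"SecurityGroupRuleId": "sgr-0aaaaaaaaaaaaaaa4", "GroupId": "sg-0778124087b3d14d4",
   "IsEgress": true, "IpProtocol": "-1", "FromPort": -1, "ToPort": -1,
   "CidrIpv4": "0.0.0.0/0", "Description": "Default egress"}
]}
""")

WORLD = {"0.0.0.0/0", "::/0"}   # "any address" for IPv4 and IPv6

def covers_port(rule, port):
    """True if the rule's protocol and port range include the given TCP port."""
    if rule["IpProtocol"] == "-1":      # -1 means all protocols and all ports
        return True
    if rule["IpProtocol"] != "tcp":
        return False
    return rule["FromPort"] <= port <= rule["ToPort"]

def world_open_ingress(rules, port):
    """Ingress rules that expose `port` to any IPv4 or IPv6 address."""
    return [r for r in rules
            if not r["IsEgress"]
            and (r.get("CidrIpv4") in WORLD or r.get("CidrIpv6") in WORLD)
            and covers_port(r, port)]

def revoke_command(rule, dry_run=True):
    """Build the CLI call that revokes exactly this rule, addressed by rule ID."""
    cmd = ["aws", "ec2", "revoke-security-group-ingress",
           "--group-id", rule["GroupId"],
           "--security-group-rule-ids", rule["SecurityGroupRuleId"]]
    if dry_run:
        cmd.append("--dry-run")         # permission check only, nothing is changed
    return shlex.join(cmd)

if __name__ == "__main__":
    for rule in world_open_ingress(SAMPLE["SecurityGroupRules"], 22):
        print(revoke_command(rule))
```

Addressing a rule by its SecurityGroupRuleId removes only that rule, which avoids having to restate the protocol, port and CIDR exactly as they were created.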