I wish to find which security groups refer only to another security group and not to an EC2 instance (for example). http://boto3.readthedocs.io/en/latest/reference/services/ec2.html#EC2.Client.describe_security_group_references is only for VPCs.
- Can you provide more information as to WHY you want this? We might be able to suggest a better way to achieve your goal. For example, is it to figure out the impact of changes to security groups? – John Rotenstein Oct 26 '16 at 11:51
- I wish to eliminate SGs that are referenced only by another SG. – OLS Oct 26 '16 at 12:21
- Discussed with AWS team. There's no direct nor easy way to do such a thing. – OLS Oct 31 '16 at 14:27
1 Answer
1
You are correct that describe_security_group_references is supported only for VPC and only for groups involved in a peering connection. This is not a limitation of boto3 but, rather, of the EC2 API.
To get the equivalent functionality for non-VPC security groups you would have to retrieve all of those groups via describe_security_groups and then write your own code to find the groups which only reference other groups.

garnaat
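One way to write the "own code" the answer describes, as an added example that is not part of the original answer: it walks the output of describe_security_groups and reports which groups have rules that name only other groups, plus a reverse index of who references whom. The function names, the sample group IDs and the GroupName fallback are assumptions made for this sketch.

```python
from collections import defaultdict

# Constructed sample in the shape of describe_security_groups()["SecurityGroups"].
SAMPLE = [
    {"GroupId": "sg-0aaa", "GroupName": "web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]},
    {"GroupId": "sg-0bbb", "GroupName": "app", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-0aaa"}]}]},
    {"GroupId": "sg-0ccc", "GroupName": "db", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}],
         "UserIdGroupPairs": [{"GroupId": "sg-0bbb"}]}]},
    {"GroupId": "sg-0ddd", "GroupName": "cluster", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [],
         "UserIdGroupPairs": [{"GroupId": "sg-0ddd"}]}]},
]

def fetch_security_groups():
    """Return every group visible to the caller (needs boto3 and credentials)."""
    import boto3  # imported lazily so analyze() can be used offline
    paginator = boto3.client("ec2").get_paginator("describe_security_groups")
    return [g for page in paginator.paginate() for g in page["SecurityGroups"]]

def analyze(groups):
    """Return (only_group_refs, referenced_by).

    only_group_refs: sorted GroupIds whose ingress rules name at least one
                     other group and contain no CIDR or prefix-list source.
    referenced_by:   {referenced group: set of GroupIds whose rules name it}.
    Only ingress (IpPermissions) is examined; non-VPC groups have no egress rules.
    """
    only_group_refs, referenced_by = [], defaultdict(set)
    for g in groups:
        peers, has_other_source = set(), False
        for rule in g.get("IpPermissions", []):
            for pair in rule.get("UserIdGroupPairs", []):
                # Assumption: fall back to GroupName when a pair lacks GroupId.
                peers.add(pair.get("GroupId") or pair.get("GroupName"))
            if rule.get("IpRanges") or rule.get("Ipv6Ranges") or rule.get("PrefixListIds"):
                has_other_source = True
        peers -= {None, g["GroupId"]}  # a self-reference is not "another" group
        for peer in peers:
            referenced_by[peer].add(g["GroupId"])
        if peers and not has_other_source:
            only_group_refs.append(g["GroupId"])
    return sorted(only_group_refs), dict(referenced_by)
```

Against a live account, pass `fetch_security_groups()` to `analyze()`; before deleting any group it reports, also confirm that no instance or network interface is attached to it, which this sketch does not check.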