10

Is there a way to describe a Security Group in a specific VPC?

Here is what I am trying to run :

aws ec2 describe-security-groups --group-name "<group-name>" --filter Name=vpc-id,Values=<my-vpc-id>

But it is returning this error :

A client error (VPCIdNotSpecified) occurred when calling the DescribeSecurityGroups operation: No default VPC for this user

I appreciate your help,

Thanks

Arun Avanathan
  • 982
  • 4
  • 11
  • 26
  • After going over documentation once again, seems like we need to describe by "group-id" if we are querying for a non-default VPC. Reference : https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-security-groups.html – Arun Avanathan Nov 02 '16 at 05:14
  • Are you asking how to describe a *specific* security group, or all security groups in the given VPC? If it is a specific security group, do you wish to provide the name or the ID of the group? – John Rotenstein Nov 02 '16 at 07:10

1 Answers1

20

To describe all security groups in a given VPC:

aws ec2 describe-security-groups --filters "Name=vpc-id,Values=vpc-abcd1234"

To describe a specific security group by its ID:

aws ec2 describe-security-groups --group-id sg-1234abcd

To describe a specific security group by its name (for non-default VPCs):

aws ec2 describe-security-groups --filters Name=group-name,Values=MY-SG

To describe a specific security group by its name and VPC (since there can be multiple groups with the same name in different VPCS):

aws ec2 describe-security-groups --filters Name=group-name,Values=MY-SG Name=vpc-id,Values=vpc-abcd1234

See AWS Command-Line Interface (CLI) documentation: describe-security-groups

John Rotenstein
  • 241,921
  • 22
  • 380
  • 470
  • Thanks, this is what I was looking for : `aws ec2 describe-security-groups --filters Name=group-name,Values=MY-SG ` – Arun Avanathan Nov 02 '16 at 21:51
  • @ArunAvanathan, without adding the vpc (Name=vpc-id,Values=vpc-abcd1234) you risk returning similarly named groups once multiple VPCs are created in your account. One example is the creation of a Windows VPC. Let's say both VPCs create a group "infrastructure". Your code will return both sg-ids unless it filters by vpc-id. – Jason2616321 Oct 27 '17 at 21:00
  • Thanks @Jason2616321 Thats right. And hence, we wanted a way to find with VPCid in the filter. – Arun Avanathan Oct 29 '17 at 19:21