7

I'm using the AWS CLI and I want to get the ID of a security group whose name I know (kingkajou_sg). How can I do it?

When I ask it to list all the security groups, it does so happily:

$ aws ec2 describe-security-groups | wc -l
     430

When I grep through this information, I see that the SG in question is listed:

$ aws ec2 describe-security-groups | grep -i kingkajou_sg
            "GroupName": "kingkajou_sg",

However, when I try to get the information about only that security group, it won't let me. Why?

$ aws ec2 describe-security-groups --group-names kingkajou_sg

An error occurred (InvalidGroup.NotFound) when calling the 
DescribeSecurityGroups operation: The security group 'kingkajou_sg' does not exist in default VPC 'vpc-XXXXXXXX'

Can someone please provide me with the one-line command that I can use to extract the security group's ID given its name? You can assume that the command will be run from within an EC2 instance which is in the same VPC as the security group.

Saqib Ali
  • Here is a small bash script to get the security group ID, with wildcard support for names. No need to specify the default or VPC ID. All you need is the correct permissions to get the details. Click on the link to see the code: https://ideasofpraveen.blogspot.com/2022/09/aws-cli-get-security-group-id-with-name.html – Praveen Gowda Sep 14 '22 at 12:43
  • You can get the results with both IDs and names from a Boto 3 script: https://ideasofpraveen.blogspot.com/2022/09/aws-cli-get-security-group-id-with-name_15.html – Praveen Gowda Sep 15 '22 at 10:38

5 Answers

12

From the API Documentation:

--group-names (list)

[EC2-Classic and default VPC only] One or more security group names. You can specify either the security group name or the security group ID. For security groups in a nondefault VPC, use the group-name filter to describe security groups by name.

If you are using a non-default VPC, use the filter:

aws ec2 describe-security-groups --filter Name=vpc-id,Values=<my-vpc-id> Name=group-name,Values=kingkajou_sg --query 'SecurityGroups[*].[GroupId]' --output text
victor m
2

If it's in a VPC and you know the name, region and VPC ID, you can try it like below:

aws ec2 describe-security-groups --region eu-west-1 --filter Name=vpc-id,Values=vpc-xxxxx Name=group-name,Values=<your sg name> --query 'SecurityGroups[*].[GroupId]' --output text
Vishnu Nair
1

You just need to add the --query 'SecurityGroups[*].[GroupId]' option to the AWS CLI command.

aws ec2 describe-security-groups --group-names kingkajou_sg --query 'SecurityGroups[*].[GroupId]' --output text
GroovyDotCom
Mithun Biswas
0

To get the IDs of all security groups with a name matching exactly a specified string (default in this example) without specifying a VPC ID, use the following:

aws ec2 describe-security-groups --filter Name=group-name,Values=default --output json | jq -r '.SecurityGroups[].GroupId'

Note: this works for security groups even if they are not in the default VPC.

Patrick Decat
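
Added example, not taken from any of the answers: a POSIX shell function that wraps the filter-based lookup shown above and returns an ID only when the name resolves to exactly one group, since a group-name filter without a VPC ID returns every matching group. The function name `resolve_sg_id`, its variable names and its exit codes are assumptions made for this example.

```shell
# resolve_sg_id NAME [VPC_ID]   (hypothetical helper, added for illustration)
# Prints the one group ID that NAME resolves to.
# Exit codes (chosen for this example): 1 = no match, 2 = AWS CLI call failed,
# 3 = more than one group matched.
resolve_sg_id() {
    sg_name=$1
    sg_vpc=${2:-}

    # Build the filter list; the vpc-id filter is added only when given.
    set -- "Name=group-name,Values=$sg_name"
    if [ -n "$sg_vpc" ]; then
        set -- "$@" "Name=vpc-id,Values=$sg_vpc"
    fi

    # One "GroupId<TAB>VpcId" line per matching group; empty when none match.
    sg_out=$(aws ec2 describe-security-groups --filters "$@" \
        --query 'SecurityGroups[*].[GroupId,VpcId]' --output text) || return 2

    # grep -c exits non-zero on a count of 0, so neutralise its status.
    sg_count=$(printf '%s\n' "$sg_out" | grep -c . || true)
    case $sg_count in
        0)  echo "no security group named '$sg_name'" >&2
            return 1 ;;
        1)  printf '%s\n' "$sg_out" | cut -f1 ;;
        *)  echo "'$sg_name' matches $sg_count groups; pass a VPC ID:" >&2
            printf '%s\n' "$sg_out" >&2
            return 3 ;;
    esac
}

# Usage: sg_id=$(resolve_sg_id kingkajou_sg vpc-XXXXXXXX) || exit 1
```

Scripts that attach or modify a group by name can call this first, so an ambiguous name stops the run before the wrong group is changed.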
0

A small shell script to list security groups with the search string as a variable, and we can tag the security groups: https://ideasofpraveen.blogspot.com/2022/09/aws-cli-get-security-group-id-with-name.html

If you want a boto3 script to integrate with Lambda for automation: https://ideasofpraveen.blogspot.com/2022/09/aws-cli-get-security-group-id-with-name_15.html

Praveen Gowda