I'm trying to find a way to determine orphan security groups so I can clean up and get rid of them. Does anyone know of a way to discover unused security groups?

Either through the console or with the command line tools will work (running command line tools on Linux and OS X machines).

You can delete your unused security groups using the AWS GUI. This process of deleting unused security groups is more of a quick hack than an established convention; nonetheless, it works like a charm.

Deleting unused security groups using the AWS GUI:

1. Go to the EC2 console and navigate to security groups.

2. Select all the security groups and click on actions.

3. Click on delete security groups.

A popup will appear displaying that you cannot delete security groups that are attached to instances, other security groups, or network interfaces, and it will list all the security groups that you can delete (unused security groups).

4. Now you know all the unused security groups, so click on cancel and delete them separately.
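For the command-line half of the question, the same test the popup applies can be run over the JSON that `aws ec2 describe-security-groups` and `aws ec2 describe-network-interfaces` return. The following is an added example, not part of the original answer; the group IDs and names are constructed sample data, and the function names are hypothetical.

```python
# Constructed sample data in the shape of the AWS CLI JSON output.
# Instances attach security groups through their network interfaces,
# so the interface list covers both cases.
SAMPLE_GROUPS = {"SecurityGroups": [
    {"GroupId": "sg-0aaa", "GroupName": "web", "IpPermissionsEgress": [],
     "IpPermissions": [{"UserIdGroupPairs": [{"GroupId": "sg-0eee"}]}]},
    {"GroupId": "sg-0bbb", "GroupName": "db", "IpPermissionsEgress": [],
     "IpPermissions": [{"UserIdGroupPairs": [{"GroupId": "sg-0aaa"}]}]},
    # References only itself, which does not count as use by another group.
    {"GroupId": "sg-0ccc", "GroupName": "old-bastion", "IpPermissionsEgress": [],
     "IpPermissions": [{"UserIdGroupPairs": [{"GroupId": "sg-0ccc"}]}]},
    {"GroupId": "sg-0ddd", "GroupName": "default",
     "IpPermissions": [], "IpPermissionsEgress": []},
    {"GroupId": "sg-0eee", "GroupName": "lb-source",
     "IpPermissions": [], "IpPermissionsEgress": []},
]}
SAMPLE_ENIS = {"NetworkInterfaces": [
    {"NetworkInterfaceId": "eni-0111", "Groups": [{"GroupId": "sg-0aaa"}]},
    {"NetworkInterfaceId": "eni-0222", "Groups": [{"GroupId": "sg-0bbb"}]},
]}


def referenced_group_ids(groups):
    """Group IDs named in a different group's inbound or outbound rules."""
    refs = set()
    for sg in groups:
        rules = sg.get("IpPermissions", []) + sg.get("IpPermissionsEgress", [])
        for rule in rules:
            for pair in rule.get("UserIdGroupPairs", []):
                gid = pair.get("GroupId")
                if gid and gid != sg["GroupId"]:
                    refs.add(gid)
    return refs


def unused_security_groups(sg_doc, eni_doc):
    """Groups on no network interface and referenced by no other group."""
    groups = sg_doc["SecurityGroups"]
    attached = {g["GroupId"] for eni in eni_doc["NetworkInterfaces"]
                for g in eni.get("Groups", [])}
    referenced = referenced_group_ids(groups)
    return sorted(
        sg["GroupId"] for sg in groups
        if sg["GroupName"] != "default"  # default groups cannot be deleted
        and sg["GroupId"] not in attached
        and sg["GroupId"] not in referenced
    )


if __name__ == "__main__":
    print(unused_security_groups(SAMPLE_GROUPS, SAMPLE_ENIS))
```

With real data, load each command's `--output json` result with `json.load` and pass the two documents in; the check is per region, so run it once for every region in use.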

