From 1ddc2f2fe0a1575c93f7d87d682b4e8c90c15bf9 Mon Sep 17 00:00:00 2001
From: x p k <xpk@headdesk.me>
Date: Wed, 7 Jun 2023 13:39:37 +0800
Subject: [PATCH] NEW: script to list unused SG

---
 aws/list-unused-sg.sh | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100755 aws/list-unused-sg.sh

diff --git a/aws/list-unused-sg.sh b/aws/list-unused-sg.sh
new file mode 100755
index 0000000..4365b3c
--- /dev/null
+++ b/aws/list-unused-sg.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+aws ec2 describe-network-interfaces --query NetworkInterfaces[].Groups --output text > /tmp/enisg.lst
+for sg in $(aws ec2 describe-security-groups --query 'SecurityGroups[*].GroupId' --output text); do
+echo -n "$sg : "
+grep -c $sg /tmp/enisg.lst
+done | sort -k3 -n
+
+rm -f /tmp/enisg.lst