#!/bin/bash

aws ec2 describe-network-interfaces --query NetworkInterfaces[].Groups --output text > /tmp/enisg.lst
for sg in $(aws ec2 describe-security-groups --query 'SecurityGroups[*].GroupId' --output text); do
echo -n "$sg : "
grep -c $sg /tmp/enisg.lst
done | sort -k3 -n

rm -f /tmp/enisg.lst