{"id":28448842,"url":"https://github.com/bridgecrewio/aws-collect-unused-security-groups","last_synced_at":"2025-06-19T18:39:09.114Z","repository":{"id":36110220,"uuid":"212453355","full_name":"bridgecrewio/aws-collect-unused-security-groups","owner":"bridgecrewio","description":"Track unused security groups of an AWS account over period of time with control of the interval to sample the security groups","archived":false,"fork":false,"pushed_at":"2023-04-10T21:11:06.000Z","size":31,"stargazers_count":6,"open_issues_count":2,"forks_count":3,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-06-06T13:46:03.401Z","etag":null,"topics":["aws","aws-security","security-groups"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bridgecrewio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-10-02T22:31:40.000Z","updated_at":"2021-11-08T10:27:46.000Z","dependencies_parsed_at":"2022-09-01T08:10:28.163Z","dependency_job_id":null,"html_url":"https://github.com/bridgecrewio/aws-collect-unused-security-groups","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/bridgecrewio/aws-collect-unused-security-groups","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bridgecrewio%2Faws-collect-unused-security-groups","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bridgecrewio%2Faws-collect-unused-security-groups/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bridgecrewio%2Faws-collect-unused-security-groups/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bridgecrewio%2Faws-collect-unused-security-groups/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bridgecrewio","download_url":"https://codeload.github.com/bridgecrewio/aws-collect-unused-security-groups/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bridgecrewio%2Faws-collect-unused-security-groups/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":260806430,"owners_count":23065935,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-security","security-groups"],"created_at":"2025-06-06T13:40:04.428Z","updated_at":"2025-06-19T18:39:09.106Z","avatar_url":"https://github.com/bridgecrewio.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Collect unused security groups of an aws account\nA script to track unused security groups of an AWS account over period of time with control of the interval to sample the security groups usage. \nThis script is useful when trying to detect usage of security groups by ephemeral resources \n\n## Table of contents\n* [Setup](#setup)\n* [Execution](#execution)\n* [Contact](#contact)\n\n\n## Setup\nConfigure aws sdk with the account to collect (`~/.aws/credentials file`)\nRun `npm install`\n## Execution\nRun the script with your default configured AWS profile by running: \n```bash \nnode CollectUnusedSecurityGroup.js\n```\nIt will collect unused groups for one hour, and will re-sample the security groups for every 5 minutes. \u003cbr\u003e\nTo change the sampling parameters, refer: \u003cbr\u003e\n \n#### Parameters:\n```\n -p / -profile      The AWS profile to be used, as defined in the AWS credentials file\n -t / -time         The amount of time to run the script (in minutes)\n -i / -interval     The time interval to sample the unused security groups (in minutes)\n --no-default\t    Skip groups named 'default', which are typically default VPC security groups, and can't be deleted\n```\nRunning example: \n```bash \nnode CollectUnusedSecurityGroup.js -p \u003caws_profile\u003e -t \u003ctime_period\u003e -i \u003cinterval_time\u003e \n```\nOutput example json containing unused security groups over the entire period:\n```\n[\n{\n    \"region\": \"us-east-1\",\n    \"groupId\": \"sg-111\",\n    \"groupName\": \"prod-rds\"\n  },\n  {\n    \"region\": \"us-east-1\",\n    \"groupId\": \"sg-2222\",\n    \"groupName\": \"k8s-elb\"\n  },\n  {\n    \"region\": \"us-east-1\",\n    \"groupId\": \"sg-333\",\n    \"groupName\": \"bastion-elb\"\n  },\n  ...\n]  \n```\n\nNote: Interval time units are in minutes\n\n## Contact\nCreated by [Bridgecrew](https://www.bridgecrew.io)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbridgecrewio%2Faws-collect-unused-security-groups","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbridgecrewio%2Faws-collect-unused-security-groups","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbridgecrewio%2Faws-collect-unused-security-groups/lists"}