{"id":13821202,"url":"https://github.com/nmasur/sgcontrol","last_synced_at":"2025-05-16T12:32:57.827Z","repository":{"id":57466142,"uuid":"82974197","full_name":"nmasur/sgcontrol","owner":"nmasur","description":"Foolproof AWS security group management.","archived":true,"fork":false,"pushed_at":"2017-03-09T19:42:25.000Z","size":51,"stargazers_count":9,"open_issues_count":1,"forks_count":2,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-05-03T11:37:45.132Z","etag":null,"topics":["aws","aws-security","devops","firewall","python","sysadmin","yaml"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nmasur.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-02-23T21:41:48.000Z","updated_at":"2023-05-12T16:46:36.000Z","dependencies_parsed_at":"2022-08-31T03:23:26.483Z","dependency_job_id":null,"html_url":"https://github.com/nmasur/sgcontrol","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nmasur%2Fsgcontrol","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nmasur%2Fsgcontrol/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nmasur%2Fsgcontrol/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nmasur%2Fsgcontrol/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nmasur","download_url":"https://codeload.github.com/nmasur/sgcontrol/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","k
ind":"github","repositories_count":254530632,"owners_count":22086649,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-security","devops","firewall","python","sysadmin","yaml"],"created_at":"2024-08-04T08:01:17.459Z","updated_at":"2025-05-16T12:32:52.818Z","avatar_url":"https://github.com/nmasur.png","language":"Python","readme":"# sgcontrol\nFool-proof AWS security group management.\n\nWritten by Noah Masur using [ec2](https://github.com/mattrobenolt/ec2). Inspired by [sgmanager](https://github.com/gooddata/sgmanager), but also works with VPC security group IDs, and allows you to write one list of IPs for several ports.\n\n## Installation\n```pip install sgcontrol```\n\nOr download this repo and run `python sgcontrol.py` to run as a script.\n\n## Using sgcontrol\nDump current AWS security groups to file:\n\n```sgcontrol -d \u003e sg_list.yml```\n\nCompare local file to current AWS security groups:\n\n```sgcontrol sg_list.yml```\n\nApply local changes to current AWS security groups:\n\n```sgcontrol -f sg_list.yml```\n\n## AWS Credentials\nsgcontrol checks for AWS IAM credentials in the following priority:\n\n1. If using flags -A, -S, -R\n2. Environment vars AWS_ACCESS_KEY, AWS_SECRET_KEY, AWS_REGION\n3. 
Interactive prompts\n\nMake sure your AWS IAM role or user has access to your security groups.\n\n## Other flags\n- `-f` or `--force` applies changes to AWS\n- `-d` or `--dump` writes AWS groups in YAML format to stdout (or file)\n- `-k` or `--key` forces interactive prompt for AWS credentials\n- `-e` or `--dev` adds the `DEV_` prefix to environment vars, and `dev_` to default file name\n\n## YAML File Format\nYou can dump your current security groups in this format by running `sgcontrol -d`, but here is how to write the YAML file from scratch:\n\n```\n---\n- name: SG Group Name\n  rulesets:\n    - ports:\n        - 80\n        - 443\n      cidr_ips:\n        - 99.99.99.99/32\n        - 199.199.199.199/32\n        - 299.299.299.299/32\n    - ports:\n        - 22\n      cidr_ips:\n        - 99.99.99.99/32\n        - sg-99999921\n\n# This group controls the database\n- name: SG Other Group\n  rulesets:\n    - ports:\n        - 3306\n      cidr_ips:\n        - 99.99.99.99/32\n        - 1.2.3.4/32\n```\n","funding_links":[],"categories":["Python"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnmasur%2Fsgcontrol","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnmasur%2Fsgcontrol","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnmasur%2Fsgcontrol/lists"}