https://github.com/cyberroute/security-groups-audit
This project automates the cleanup of unused AWS security groups
- Host: GitHub
- URL: https://github.com/cyberroute/security-groups-audit
- Owner: CyberRoute
- License: mit
- Created: 2024-12-24T14:59:08.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-12-24T15:17:13.000Z (over 1 year ago)
- Last Synced: 2025-04-05T18:52:04.330Z (about 1 year ago)
- Topics: aws, aws-lambda
- Language: JavaScript
- Homepage:
- Size: 229 KB
- Stars: 4
- Watchers: 1
- Forks: 0
- Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE
README
## Cleanup Unused Security Groups
This project automates the cleanup of unused AWS EC2 security groups. It identifies security groups that are not associated with any network interfaces, instances, or Lambda functions, and removes them. Additionally, it tracks the number of deletions via CloudWatch metrics.
## Features
- Identifies unused EC2 security groups across AWS infrastructure.
- Deletes unused security groups (except the default security group).
- Tracks the number of deleted security groups in AWS CloudWatch metrics.
- Runs automatically on a schedule using AWS Lambda and CloudWatch Events.
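The selection step described above, sketched as an added example (not the project's own code): a pure function that takes the response shapes of `DescribeSecurityGroups`, `DescribeNetworkInterfaces`, `DescribeInstances` and `ListFunctions` and returns the group IDs that are safe deletion candidates. The helper name `findUnusedSecurityGroups`, the sample IDs, and the extra check for groups referenced by other groups' rules are assumptions that go beyond what the README states.

```javascript
// Added example: selection logic over constructed AWS API response shapes.
// findUnusedSecurityGroups is a hypothetical helper, not the project's code.
function findUnusedSecurityGroups({ securityGroups, networkInterfaces, reservations, lambdaFunctions }) {
  const inUse = new Set();
  // ec2:DescribeNetworkInterfaces -> NetworkInterfaces[].Groups[].GroupId
  for (const eni of networkInterfaces)
    for (const g of eni.Groups ?? []) inUse.add(g.GroupId);
  // ec2:DescribeInstances -> Reservations[].Instances[].SecurityGroups[].GroupId
  for (const r of reservations)
    for (const i of r.Instances ?? [])
      for (const g of i.SecurityGroups ?? []) inUse.add(g.GroupId);
  // lambda:ListFunctions -> Functions[].VpcConfig.SecurityGroupIds[]
  for (const fn of lambdaFunctions)
    for (const id of fn.VpcConfig?.SecurityGroupIds ?? []) inUse.add(id);
  // Extra safeguard (assumption, not in the README): a group referenced by
  // another group's rule is still in use. Self-references do not count.
  for (const sg of securityGroups)
    for (const perm of [...(sg.IpPermissions ?? []), ...(sg.IpPermissionsEgress ?? [])])
      for (const pair of perm.UserIdGroupPairs ?? [])
        if (pair.GroupId !== sg.GroupId) inUse.add(pair.GroupId);
  // The default security group is never a deletion candidate.
  return securityGroups
    .filter((sg) => sg.GroupName !== "default" && !inUse.has(sg.GroupId))
    .map((sg) => sg.GroupId);
}

// Constructed sample data (placeholder IDs, not real resources).
const sample = {
  securityGroups: [
    { GroupId: "sg-default", GroupName: "default" },
    { GroupId: "sg-web", GroupName: "web" },
    { GroupId: "sg-db", GroupName: "db",
      IpPermissions: [{ UserIdGroupPairs: [{ GroupId: "sg-app" }] }] },
    { GroupId: "sg-app", GroupName: "app" },
    { GroupId: "sg-fn", GroupName: "fn" },
    { GroupId: "sg-old", GroupName: "old",
      IpPermissions: [{ UserIdGroupPairs: [{ GroupId: "sg-old" }] }] },
  ],
  networkInterfaces: [{ Groups: [{ GroupId: "sg-db" }] }],
  reservations: [{ Instances: [{ SecurityGroups: [{ GroupId: "sg-web" }] }] }],
  lambdaFunctions: [{ FunctionName: "no-vpc" }, { VpcConfig: { SecurityGroupIds: ["sg-fn"] } }],
};

console.log(findUnusedSecurityGroups(sample));
```

Running the candidate list through a review or dry-run step before calling `ec2:DeleteSecurityGroup` keeps a stale inventory from removing a group that was attached after the describe calls.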
## Prerequisites
- Node.js 20.x
- AWS CLI configured with appropriate permissions
- Serverless Framework version 3.x
## Permissions Required
The Lambda function requires the following permissions:
- ec2:DescribeSecurityGroups
- ec2:DescribeNetworkInterfaces
- ec2:DescribeInstances
- lambda:ListFunctions
- ec2:DeleteSecurityGroup
- cloudwatch:PutMetricData
## Installation
```bash
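# Clone into the directory name the next step expects
git clone https://github.com/cyberroute/security-groups-audit cleanup_unused_security_groups
cd cleanup_unused_security_groups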
npm install
serverless deploy
```
## Configuration
The function is triggered on a schedule using AWS CloudWatch Events. Update the schedule in serverless.yml if needed.
## Sample CloudWatch log