AWS: Find Private IP addresses attached to Security Groups

Hi friends. Ever wonder how to get the dynamic private IP addresses (say, the ones assigned to an internal ALB) associated with your Security Groups? OK, to start, this is crude, I'll admit it – but it works – and when I find a better way I will share.

First, since we are using VPC and not Classic, we can no longer query by Security Group name – we have to get the Security Group ID (also now dynamic in AWS). So for the first query you have to know which attribute you want to search on.

# The following gives the Security Group IDs for all SGs using 0.0.0.0/0

aws ec2 describe-security-groups --filters "Name=ip-permission.cidr,Values=0.0.0.0/0" --query "SecurityGroups[].[GroupId, GroupName]" --output text

# Or list the groups that use port 80

aws ec2 describe-security-groups --filters "Name=ip-permission.to-port,Values=80" --query "SecurityGroups[].[GroupId, GroupName]" --output text

# Then grab the Security Group ID from the output of the above command and place it in the Values section below

aws ec2 describe-network-interfaces --filters Name=group-id,Values=sg-xxxxxx | grep PrivateIpAddress
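
The two lookups above chained into one shell function, as an added example that is not part of the original post: it uses `--query` in place of `grep`, so each network interface is listed once with its ID, all of its private IPs (secondary ones included) and its description, which for load balancer interfaces names the load balancer. The function name `sg_private_ips` and the output layout are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original post.
# Usage: sg_private_ips FILTER_NAME FILTER_VALUE
#   e.g. sg_private_ips ip-permission.cidr 0.0.0.0/0
#        sg_private_ips ip-permission.to-port 80
# Output, tab-separated, one line per network interface:
#   group-id  group-name  eni-id  private-ips (comma-joined)  description
sg_private_ips() {
    tab=$(printf '\t')
    # Step 1: resolve the filter to Security Group IDs and names.
    aws ec2 describe-security-groups \
        --filters "Name=$1,Values=$2" \
        --query "SecurityGroups[].[GroupId, GroupName]" --output text |
    while IFS=$tab read -r sg_id sg_name; do
        [ -n "$sg_id" ] || continue
        # Step 2: list the interfaces that carry this group.
        # join() collapses primary and secondary private IPs into one field.
        # stdin is redirected so this call cannot consume the outer loop's input.
        aws ec2 describe-network-interfaces \
            --filters "Name=group-id,Values=$sg_id" \
            --query "NetworkInterfaces[].[NetworkInterfaceId, join(',', PrivateIpAddresses[].PrivateIpAddress), Description]" \
            --output text </dev/null |
        while IFS=$tab read -r eni ips desc; do
            [ -n "$eni" ] || continue
            printf '%s\t%s\t%s\t%s\t%s\n' "$sg_id" "$sg_name" "$eni" "$ips" "$desc"
        done
    done
}

# Run directly when called with a filter name and value.
if [ "$#" -ge 2 ]; then
    sg_private_ips "$1" "$2"
fi
```

A group with no attached interfaces produces no lines, which is a quick way to spot open groups that nothing is using.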