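Looking for a command to extract the list of AWS security groups & their inbound/outbound rules using the AWS CLI
So far, I have been able to extract the SGs, but not their associated rules. I have already tried using PowerShell for AWS, but it returns incomplete results, i.e. it does not show all SGs.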
You need to call describe-security-groups to get the list of security groups.
Here is example output for one of my security groups:
{
    "SecurityGroups": [
        {
            "Description": "SSH & Windows",
            "GroupName": "SSHWin-SG",
            "IpPermissions": [
                {
                    "FromPort": 22,
                    "IpProtocol": "tcp",
                    "IpRanges": [
                        {
                            "CidrIp": "73.21.198.65/32"
                        },
                        {
                            "CidrIp": "54.240.123.1/32"
                        },
                        {
                            "CidrIp": "167.129.152.56/32"
                        }
                    ],
                    "Ipv6Ranges": [],
                    "PrefixListIds": [],
                    "ToPort": 22,
                    "UserIdGroupPairs": []
                },
                {
                    "FromPort": 3389,
                    "IpProtocol": "tcp",
                    "IpRanges": [
                        {
                            "CidrIp": "73.21.198.65/32"
                        },
                        {
                            "CidrIp": "54.240.123.1/32"
                        },
                        {
                            "CidrIp": "167.129.152.56/32"
                        }
                    ],
                    "Ipv6Ranges": [],
                    "PrefixListIds": [],
                    "ToPort": 3389,
                    "UserIdGroupPairs": []
                }
            ],
            "OwnerId": "123456789012",
            "GroupId": "sg-91cb39d6",
            "IpPermissionsEgress": [
                {
                    "IpProtocol": "-1",
                    "IpRanges": [
                        {
                            "CidrIp": "0.0.0.0/0"
                        }
                    ],
                    "Ipv6Ranges": [],
                    "PrefixListIds": [],
                    "UserIdGroupPairs": []
                }
            ],
            "Tags": [
                {
                    "Key": "Name",
                    "Value": "Ops"
                }
            ],
            "VpcId": "vpc-7d097214"
        }
    ]
}
The IpPermissions section returns the inbound permissions and the IpPermissionsEgress section returns the egress permissions.
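
An added example, not part of the original answer: a Python script that flattens the describe-security-groups JSON shown above into one row per rule and peer, covering both IpPermissions and IpPermissionsEgress. The function names and the trimmed sample are constructed for illustration; real output can be piped in with `aws ec2 describe-security-groups --output json | python3 flatten_sg.py` (file name assumed).

```python
import json
import sys

# Constructed sample, trimmed from the output shape shown above.
SAMPLE = """
{"SecurityGroups": [{
  "GroupName": "SSHWin-SG", "GroupId": "sg-91cb39d6",
  "IpPermissions": [
    {"FromPort": 22, "ToPort": 22, "IpProtocol": "tcp",
     "IpRanges": [{"CidrIp": "73.21.198.65/32"}, {"CidrIp": "54.240.123.1/32"}],
     "Ipv6Ranges": [], "PrefixListIds": [], "UserIdGroupPairs": []}],
  "IpPermissionsEgress": [
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
     "Ipv6Ranges": [], "PrefixListIds": [], "UserIdGroupPairs": []}]
}]}
"""

# Each rule can name its peers in four different lists; the value key differs per list.
PEER_KEYS = (("IpRanges", "CidrIp"), ("Ipv6Ranges", "CidrIpv6"),
             ("PrefixListIds", "PrefixListId"), ("UserIdGroupPairs", "GroupId"))


def port_label(perm):
    """Protocol "-1" means all traffic and has no ports; for ICMP the fields are type/code."""
    if perm.get("IpProtocol") == "-1" or "FromPort" not in perm:
        return "all"
    lo, hi = perm["FromPort"], perm["ToPort"]
    return str(lo) if lo == hi else f"{lo}-{hi}"


def flatten_rules(doc):
    """Return one (group_id, group_name, direction, protocol, ports, peer) row per rule peer."""
    rows = []
    for sg in doc.get("SecurityGroups", []):
        for direction, key in (("inbound", "IpPermissions"), ("outbound", "IpPermissionsEgress")):
            for perm in sg.get(key, []):
                proto = "all" if perm.get("IpProtocol") == "-1" else perm.get("IpProtocol")
                for list_key, value_key in PEER_KEYS:
                    for peer in perm.get(list_key, []):
                        rows.append((sg["GroupId"], sg.get("GroupName", ""), direction,
                                     proto, port_label(perm), peer[value_key]))
    return rows


if __name__ == "__main__":
    # Pipe real CLI output in, or run from a terminal with no pipe to use the sample.
    raw = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for row in flatten_rules(json.loads(raw)):
        print("\t".join(row))
```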