Virtual Private Cloud (VPC)
Show unused Security Groups
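    #!/bin/bash
    # Get all security groups and check which network interfaces they are allocated to.
    # Prints the CSV line (GroupId, GroupName, Description) of every group with no interfaces.
    # Groups referenced only by other groups' rules or by launch templates are listed too.
    PROFILE=nonprod_admin

    aws ec2 describe-security-groups --profile "$PROFILE" |
      jq --raw-output '.SecurityGroups[] | [.GroupId, .GroupName, .Description] | @csv' |
    while IFS= read -r SG
    do
        # The first CSV field is the quoted GroupId; strip the quotes.
        SG_ID=$(echo "$SG" | cut -f1 -d, | tr -d '"')
        # Count the network interfaces that use this security group.
        COUNT=$(aws ec2 describe-network-interfaces --profile "$PROFILE" \
                  --filters "Name=group-id,Values=${SG_ID}" |
                jq '.NetworkInterfaces | length')
        [ "$COUNT" -eq 0 ] && echo "$SG"
    done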
Get subnets in VPC
    $ aws ec2 describe-subnets | jq '.Subnets[].SubnetId'
    "subnet-1234abcdab7899876"
    "subnet-12341bcd207959876"
IPv4 Regex
This works in CloudFormation as an AllowedPattern to constrain each octet of an IPv4 address to 0-255; it also requires the /22 suffix. Not exhaustively tested.
"^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(22))$"
CF Template example:-
    "Parameters": {
      "VPCCIDR": {
        "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(22))$",
        "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/22",
        "Default": "192.168.192.0/22",
        "Description": "CIDR block for VPC",
        "Type": "String"
      }
    }
This may be a better example: https://ihateregex.io/expr/ip/
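An added check of the IPv4 pattern above (not part of the original page): it tries every one- to three-digit string in each octet position, then shows what the regex cannot verify, namely that the address sits on a /22 boundary. The function names and the sample CIDRs other than the template's default are constructed for this example.

```python
import ipaddress
import re

# The page's AllowedPattern with JSON escaping removed ("\\." in JSON is "\." here).
ALLOWED_PATTERN = re.compile(
    r"^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}"
    r"([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(22))$"
)


def pattern_accepts(value: str) -> bool:
    # fullmatch: the whole value must match, so a trailing newline is rejected.
    return ALLOWED_PATTERN.fullmatch(value) is not None


def octet_mismatches() -> list:
    """Try every 1-3 digit string in each octet position; return the disagreements."""
    bad = []
    candidates = [f"{n:0{width}d}" for width in (1, 2, 3) for n in range(10 ** width)]
    for pos in range(4):
        for text in candidates:
            octets = ["10", "0", "0", "0"]
            octets[pos] = text
            # Expected: canonical decimal (no leading zeros) in 0-255.
            expected = str(int(text)) == text and int(text) <= 255
            if pattern_accepts(".".join(octets) + "/22") != expected:
                bad.append((pos, text))
    return bad


def is_network_address(value: str) -> bool:
    """True only if no host bits are set, a property the regex cannot express."""
    try:
        ipaddress.ip_network(value, strict=True)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    print("octet mismatches:", octet_mismatches())
    # Constructed sample inputs; only the first is the template's Default.
    for cidr in ["192.168.192.0/22", "192.168.193.5/22", "256.0.0.0/22", "10.0.0.0/16"]:
        print(f"{cidr:18} pattern={pattern_accepts(cidr)} aligned={is_network_address(cidr)}")
```

The pattern passes 192.168.193.5/22 even though it has host bits set, so a pipeline that needs a true network address should run the alignment check before the value reaches the template.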
IPv6 Regex
aws/vpc.1753967274.txt.gz · Last modified: by andrew