import boto3

# Regions the remediation loop visits. The list is static: a region that is
# enabled for the account but missing here is never scanned, so its default
# security groups keep whatever rules they have. Review this list against the
# account's enabled regions before relying on the run for coverage.
regions = [
    'ap-northeast-1',
    'ap-northeast-2',
    'ap-northeast-3',
    'ap-south-1',
    'ap-southeast-1',
    'ap-southeast-2',
    'ca-central-1',
    'eu-central-1',
    'eu-north-1',
    'eu-west-1',
    'eu-west-2',
    'eu-west-3',
    'sa-east-1',
    'us-east-1',
    'us-east-2',
    'us-west-1',
    'us-west-2',
]

def delete_sg_rule_ingress(sg_id, ingress_rule):
    """Revoke inbound permissions from the security group ``sg_id``.

    ``ingress_rule`` is forwarded unchanged as ``IpPermissions``. The caller
    in this script passes the group's complete ``IpPermissions`` list, so all
    inbound rules of the group are revoked in a single call.

    Relies on the module-level ``ec2_client`` that the ``__main__`` loop
    rebinds for each region; calling this before that binding exists raises
    ``NameError``.
    """
    outcome = ec2_client.revoke_security_group_ingress(
        IpPermissions=ingress_rule,
        GroupId=sg_id,
    )
    # Only a truthy 'Return' is reported; nothing is printed otherwise.
    if not outcome['Return']:
        return
    print(f'{sg_id} ingress rules deleted')

def delete_sg_rule_egress(sg_id, egress_rule):
    """Revoke outbound permissions from the security group ``sg_id``.

    ``egress_rule`` is forwarded unchanged as ``IpPermissions``. The caller
    in this script passes the group's complete ``IpPermissionsEgress`` list,
    so all outbound rules of the group are revoked in a single call.

    Relies on the module-level ``ec2_client`` that the ``__main__`` loop
    rebinds for each region; calling this before that binding exists raises
    ``NameError``.
    """
    outcome = ec2_client.revoke_security_group_egress(
        IpPermissions=egress_rule,
        GroupId=sg_id,
    )
    # Only a truthy 'Return' is reported; nothing is printed otherwise.
    if not outcome['Return']:
        return
    print(f'{sg_id} egress rules deleted')

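def describe_sg():
    """Collect the default security groups visible to ``ec2_client``.

    Pages through ``describe_security_groups`` using the module-level
    ``ec2_client`` (bound per region by the ``__main__`` loop) and keeps only
    groups whose name is exactly ``default``.

    Returns:
        A list of ``[GroupId, IpPermissions, IpPermissionsEgress]`` entries,
        one per matching group. The two permission lists are the values the
        API returned and may be empty.
    """
    default_sgs = []
    paginator = ec2_client.get_paginator('describe_security_groups')
    # Ask the service for groups named 'default' only, so unrelated groups
    # are never fetched into a script whose next step is destructive.
    response_iterator = paginator.paginate(
        Filters=[{'Name': 'group-name', 'Values': ['default']}]
    )
    for page in response_iterator:
        for sg in page['SecurityGroups']:
            # Exact comparison, not a substring test: a substring match would
            # also select custom groups such as 'non-default-web' or
            # 'default-db', and the caller revokes every rule of each group
            # returned here. Equality also tolerates a missing GroupName,
            # where `'default' in None` would raise TypeError.
            if sg.get('GroupName') == 'default':
                default_sgs.append([sg['GroupId'], sg['IpPermissions'], sg['IpPermissionsEgress']])
    return default_sgs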

if __name__ == '__main__':
    # Destructive run: for every listed region, every rule found on the
    # selected groups is revoked immediately. There is no dry-run or
    # confirmation step, and the rules are not saved anywhere first, so
    # capture the current rules separately if a rollback may be needed.
    # Resources still attached to an affected group lose whatever access
    # those rules were granting.
    for region_name in regions:
        # The helper functions read this module-level name, so it must be
        # rebound here before they are called for the region.
        ec2_client = boto3.client('ec2', region_name=region_name)
        for group_id, inbound_rules, outbound_rules in describe_sg():
            # Skip the revoke call when a direction has no rules.
            if inbound_rules:
                delete_sg_rule_ingress(group_id, inbound_rules)
            if outbound_rules:
                delete_sg_rule_egress(group_id, outbound_rules)