Display all unused Security Groups

unused-sg.rb

#!/usr/bin/env ruby

require 'aws-sdk'

region = 'eu-west-1'

Aws.config.update({
  region: region
})

profile = "default"
provider = Aws::SharedCredentials.new(profile_name: profile)

ec2 = Aws::EC2::Client.new(credentials: provider)
elb = Aws::ElasticLoadBalancing::Client.new(credentials: provider)
rds = Aws::RDS::Client.new(credentials: provider)

security_groups = ec2.describe_security_groups.security_groups.map { |sg| sg.group_id }.sort
instance_sgs = ec2.describe_instances.reservations.map{ |r| r.instances.map { |i| i.security_groups.map { |sg| sg.group_id } } }.flatten.uniq.sort
elb_sgs = elb.describe_load_balancers.load_balancer_descriptions.map { |elb| elb.security_groups}.flatten.sort
rds_sgs = rds.describe_db_instances.db_instances.map { |db| db.vpc_security_groups.map { |sg| sg.vpc_security_group_id } }.flatten.sort

sgs = security_groups - instance_sgs - elb_sgs - rds_sgs

puts "https://" + region + ".console.aws.amazon.com/ec2/v2/home?region=" + region + "#SecurityGroups:search=" + sgs.join(",") + ";sort=desc:groupId"