Find unused security groups in an AWS region.
from boto import ec2
from boto.ec2 import elb
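# Report security groups in one AWS region that nothing appears to reference.
#
# A group counts as "in use" when it is attached to an EC2 instance, a load
# balancer or a network interface, or when it is named as a peer in a rule of
# any security group. Only these sources are consulted, so a group referenced
# somewhere else (for example by a launch configuration) is still reported;
# treat the output as a list of candidates to verify, not as a delete list.

# Region to audit; both the EC2 and the ELB connection use it.
REGION = "us-east-1"

c = ec2.connect_to_region(REGION)
elb_c = elb.connect_to_region(REGION)

all_sgs = set()
in_use = set()

# Groups attached to EC2 instances.
for instance in c.get_only_instances():
    in_use.update(sg.id for sg in instance.groups)

# Groups attached to load balancers; security_groups already holds ids here.
for balancer in elb_c.get_all_load_balancers():
    in_use.update(balancer.security_groups)

security_groups = c.get_all_security_groups()
for sg in security_groups:
    all_sgs.add(sg.id)
    # A group named as a peer in an ingress or egress rule is referenced.
    # This includes a group that only names itself, and a group named only by
    # another unused group; both are kept out of the report.
    for rule in list(sg.rules) + list(sg.rules_egress):
        for grant in rule.grants:
            if grant.group_id:
                in_use.add(grant.group_id)

# Groups attached to network interfaces.
for interface in c.get_all_network_interfaces():
    in_use.update(sg.id for sg in interface.groups)

# Filter the groups already fetched instead of querying again by id: boto
# sends no GroupId filter for an empty list, so the re-query returned every
# group in the region whenever no group was unused.
unused = all_sgs - in_use
for sg in security_groups:
    if sg.id in unused:
        print(sg)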