Find Risky Security Groups Fast in AWS!


Security Groups can help isolate networks. Finding gaps and exposure may be tedious, so I’ve created a script to help.

The What

This tool will help you scan for ALL rules within Security Groups quickly via the PowerShell CLI.


Installation is laid out in the AWS documentation here: How to install

Once done, you will need the following modules:

Install-AWSToolsModule AWS.Tools.Ec2

The script also works based on “profiles”. This is laid out in the documentation link above. Once you have these profiles, you can run this script.

If you would only like to scan specific regions, uncomment and edit lines 


Once you are up and running, download the script from GitHub here…

Run the script, and enter the chosen profile:

The script will then scan through each region, and help spot ANY rules.

If it finds exposed EC2 instances, it will flag these.
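The rule check at the heart of a scan like this, as an added example (it is not the author's script from GitHub): it flags ingress rules whose source is any address. The function name `Find-OpenIngressRule`, the reading of "ANY" as `0.0.0.0/0` or `::/0`, and the sample groups are assumptions made for illustration; the sample objects mimic the property names returned by `Get-EC2SecurityGroup`.

```powershell
# Added example, not the author's script.
# Assumption: an "ANY" rule is an ingress rule whose source is 0.0.0.0/0 or ::/0.
function Find-OpenIngressRule {
    [CmdletBinding()]
    param(
        # Objects with the property names Get-EC2SecurityGroup returns
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$SecurityGroup,
        [string]$Region = 'unknown'
    )
    process {
        foreach ($perm in $SecurityGroup.IpPermissions) {
            # Gather IPv4 and IPv6 sources; an IPv6-only open rule is easy to miss
            $cidrs = @($perm.Ipv4Ranges.CidrIp) + @($perm.Ipv6Ranges.CidrIpv6)
            $open  = @($cidrs | Where-Object { $_ -in '0.0.0.0/0', '::/0' })
            if ($open.Count -eq 0) { continue }

            # IpProtocol -1 means every protocol and port
            $ports = if ($perm.IpProtocol -eq '-1') { 'all' } else { "$($perm.FromPort)-$($perm.ToPort)" }

            [pscustomobject]@{
                Region   = $Region
                GroupId  = $SecurityGroup.GroupId
                Protocol = $perm.IpProtocol
                Ports    = $ports
                Source   = $open -join ','
            }
        }
    }
}

# Constructed sample groups (not real AWS output) so the check runs offline.
$sample = @(
    [pscustomobject]@{ GroupId = 'sg-constructed-01'; IpPermissions = @(
        [pscustomobject]@{ IpProtocol = 'tcp'; FromPort = 22; ToPort = 22
            Ipv4Ranges = @([pscustomobject]@{ CidrIp = '0.0.0.0/0' }); Ipv6Ranges = @() },
        [pscustomobject]@{ IpProtocol = 'tcp'; FromPort = 443; ToPort = 443
            Ipv4Ranges = @([pscustomobject]@{ CidrIp = '10.0.0.0/8' }); Ipv6Ranges = @() }) },
    [pscustomobject]@{ GroupId = 'sg-constructed-02'; IpPermissions = @(
        [pscustomobject]@{ IpProtocol = '-1'; FromPort = 0; ToPort = 0
            Ipv4Ranges = @(); Ipv6Ranges = @([pscustomobject]@{ CidrIpv6 = '::/0' }) }) }
)
$sample | Find-OpenIngressRule -Region 'constructed-region' | Format-Table

# Against a live account (needs AWS.Tools.EC2 and a configured profile):
# Get-EC2SecurityGroup -ProfileName <profile> -Region <region> |
#     Find-OpenIngressRule -Region <region>
```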

