Migrating EC2 Security Group from one VPC to another

Did you ever feel the need to copy a security group from one AWS environment to another? Say you have deployed an application in a Dev VPC and are now ready to do the same in Test. If you are not using CloudFormation to deploy your resources, you may end up manually creating your security groups and all the underlying rules in every environment. This is how you can migrate your security groups from one AWS account/VPC to another. The attached Python script generates an AWS CLI shell script that creates any given security group just as it exists in the source VPC.

Migration Steps Description:

  1. Set up your AWS profile to point to your source VPC
  2. Provide the source Security Group ID and the target VPC ID
  3. Set up your AWS profile to point to your target VPC
  4. Review the generated shell script to make sure all looks good
  5. Run the generated shell script to create the security group in the target VPC
  6. Review the newly created security group in the target VPC

Migration Steps Example:

2->./copysg.py --shell --vpc=vpc-xx77675a sg-335f31e5 > sg-335f31e5.sh
3->export AWS_DEFAULT_PROFILE=test
4->vi sg-335f31e5.sh
6->aws ec2 describe-security-groups --query 'SecurityGroups[*].[VpcId, GroupId, GroupName]' --output text
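
To show what steps 2 and 4 involve, here is an added sketch (not the copysg.py script offered for download, and not its author's code) that turns a `describe-security-groups` style record into AWS CLI commands and lists the rules worth a second look during review. The sample record, the function name `generate_script` and the target VPC ID are constructed for illustration, and only ingress CIDR rules are handled.

```python
import json
import shlex

# Constructed sample shaped like one entry of `aws ec2 describe-security-groups`.
SAMPLE_SG = {
    "GroupId": "sg-0example", "GroupName": "web-dev", "Description": "web tier",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}],
         "UserIdGroupPairs": [{"GroupId": "sg-0bastion"}]},
    ],
}
KEEP = ("IpProtocol", "FromPort", "ToPort", "IpRanges", "Ipv6Ranges")


def generate_script(sg, target_vpc):
    """Return (shell script text, review findings) for one security group."""
    findings = []
    lines = ["#!/bin/sh", "set -e",
             "SG_ID=$(aws ec2 create-security-group --group-name %s "
             "--description %s --vpc-id %s --query GroupId --output text)"
             % tuple(shlex.quote(v) for v in
                     (sg["GroupName"], sg["Description"], target_vpc))]
    for perm in sg.get("IpPermissions", []):
        ports = "%s-%s" % (perm.get("FromPort", "all"), perm.get("ToPort", "all"))
        # Group references carry source-side IDs that do not exist in the target VPC.
        for pair in perm.get("UserIdGroupPairs", []):
            findings.append("port %s: references %s, remap manually"
                            % (ports, pair["GroupId"]))
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        if not cidrs:
            continue
        for cidr in cidrs:
            if cidr in ("0.0.0.0/0", "::/0"):
                findings.append("port %s: open to %s" % (ports, cidr))
        # Emit only the CIDR part of the rule; group references were reported above.
        rule = {k: perm[k] for k in KEEP if k in perm and perm[k] != []}
        lines.append("aws ec2 authorize-security-group-ingress --group-id \"$SG_ID\" "
                     "--ip-permissions %s" % shlex.quote(json.dumps([rule])))
    return "\n".join(lines) + "\n", findings


if __name__ == "__main__":
    script, findings = generate_script(SAMPLE_SG, "vpc-0target")
    print(script)
    print("\n".join("REVIEW: " + f for f in findings))
```

The findings list is the part to read during step 4: rules open to the whole internet are copied as they are, and rules that reference another security group are left out of the script because the referenced ID belongs to the source side.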


Download Script File: copysg.py
