- Newest
- Most votes
- Most comments
Hi, I contacted one of our SME in AWS and he told that the old and deprecated EC2-classic security groups are still there, but not visible anymore. He suggested to open a ticket to solve the issue of having them listed out by their support group, so that you can migrate them and then ask to remove the old one.
Did you check via aws ec2-describe-security-groups --<region> to verify if still present the original security group in the list? Did you check using aws ec2 describe-instances --instance-ids <id> --query with the network-interface.group-id parameter to check what you see via cli and not console?
Thank you for your reply.
command:
aws ec2 describe-instances --instance-ids i-272d2324 --query 'Reservations[].Instances[].[SecurityGroups[],InstanceId,NetworkInterfaces]'output:
[[[[{"GroupName":"quick-start-1","GroupId":"sg-a95225a8"}],"i-272d2324",[]]]]command:
aws ec2 describe-security-groups --query "SecurityGroups[].[GroupId,GroupName]"output:
[["sg-558d4430","default"]]I think it is the same as what is shown in the console
Hi, did you check in trail to understand if anyone did anything? Do you have full access and no policy restriction on NSGs? Is the NSG in the default VPC? Try also aws ec2 describe-security-groups --filters Name=vpc-id,Values=vpc-XXX --filters Name=group-name,Values=your_group_name Same result?
I am aware that our instance does not belong to a VPC, and having a VPC is now a necessary option for a security group. Our security group did not have any VPC assigned, which is why it disappeared.
Am I correct? If this is true, is there any way to recover my lost security group?
So, I'm understanding that you had EC2-Classic Security Group and now you need to migrate to EC2-VPC due to EC2-Classic sunset. This is a good starting point to find classic resources and migrate to the EC2-VPC model. https://aws.amazon.com/blogs/aws/ec2-classic-is-retiring-heres-how-to-prepare/ Please advise how you are moving forward and if needs other help
Yes, you are correct! That's exactly my situation.
I have posted another question regarding the migration process here:
https://repost.aws/questions/QUAW5vwj7jRqKkG97kzNenmg/migrate-ec-2-classic-to-ec-2-vpc
In the blog I included in the previous mail, you can find the link to the https://github.com/aws-samples/ec2-classic-resource-finder that can help you find the security groups EC2-Classic
ec2-classic-resource-finder outputs Classic_EC2_Instances.csv, which lists up 2 Classic EC2 instances, but there is no information about their security groups. And the file Classic_SGs.csv is empty.
Relevant content
- asked a year ago
AWS OFFICIALUpdated 10 months ago- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated a year ago
I think I can't open a support ticket without purchasing the AWS Developer Support plan. So in realistic, I think I have to create a new security group in VPC from my memory. Thank you very much for your continuous help.