CODEWITHSUNDEEP
amazon-web-servicesamazon-vpc
ofer
ofer

Reputation: 4476

How can I list all resources that belongs to a certain VPC?

At my AWS account, I have few VPC. I'm trying to find a way to list all resources that located under a certain VPC.

Thanks!!

Upvotes: 28

Views: 30175

Answers (4)

Alon Lavian
Alon Lavian

Reputation: 1389

You can do it in three ways: AWS CLI, AWS console or code.

AWS CLI

You can use AWS CLI to list all ENIs associated with the VPC and prettify the output using the --query parameter to get a resource list with the desired fields (AZ, instance-id, etc.).

  1. aws ec2 describe-network-interfaces --filters Name=vpc-id,Values=<vpc-id> --query  'NetworkInterfaces[*].[AvailabilityZone, OwnerId, Attachment.InstanceId, PrivateIpAddresses[*].Association.PublicIp]'

  2. aws ec2 describe-network-interfaces --filters Name=vpc-id,Values=<vpc-id> --query  'NetworkInterfaces[*].[RequesterId,Description]'

    A sample of the raw output (only one instance on the VPC):

     "NetworkInterfaces": [
     {
         "Association": {
             "IpOwnerId": "amazon",
             "PublicDnsName": "ec2-54-196-57-169.compute-1.amazonaws.com",
             "PublicIp": "54.196.57.169"
         },
         "Attachment": {
             "AttachTime": "2020-08-24T10:59:16+00:00",
             "AttachmentId": "eni-attach-047e562690aabbffd",
             "DeleteOnTermination": true,
             "DeviceIndex": 0,
             "InstanceId": "i-0fe495a6c17bd0f82",
             "InstanceOwnerId": "570398916848",
             "Status": "attached"
         },
         "AvailabilityZone": "us-east-1d",
         "Description": "",
         "Groups": [
             {
                 "GroupName": "launch-wizard-1",
                 "GroupId": "sg-0aa7d8257bb487e1b"
             }
         ],
         "InterfaceType": "interface",
         "Ipv6Addresses": [],
         "MacAddress": "0e:58:38:33:9a:31",
         "NetworkInterfaceId": "eni-0b20855178d276783",
         "OwnerId": "570398916848",
         "PrivateDnsName": "ip-172-31-34-30.ec2.internal",
         "PrivateIpAddress": "172.31.34.30",
         "PrivateIpAddresses": [
             {
                 "Association": {
                     "IpOwnerId": "amazon",
                     "PublicDnsName": "ec2-54-196-57-169.compute-1.amazonaws.com",
                     "PublicIp": "54.196.57.169"
                 },
                 "Primary": true,
                 "PrivateDnsName": "ip-172-31-34-30.ec2.internal",
                 "PrivateIpAddress": "172.31.34.30"
             }
         ],
         "RequesterManaged": false,
         "SourceDestCheck": true,
         "Status": "in-use",
         "SubnetId": "subnet-e2bc5fbd",
         "TagSet": [],
         "VpcId": "vpc-6ad2e110"
     }
 ]

And now filtered:

  1. For the first --query

     [
     "us-east-1d",
     "57039816848",
     "i-0fe495a6c17bd0f82",
     [
         "44.196.57.169"
     ]
 ]

  2. And for the second --query (another VPC):

     [
     "amazon-elasticache",
     "ElastiCache alon-001"
 ],
 [
     "amazon-elasticache",
     "ElastiCache alon-002"
 ],
 [
     "975289786086",
     "arn:aws:ecs:us-east-2:57039916848:attachment/22a90802-fae7-4afb-9a7e-43e6f4be8ca4"
 ],
 [
     "074689309192",
     "Interface for NAT Gateway nat-069344579d8bda20"
 ],
 [
     "amazon-elb",
     "ELB app/EC2Co-EcsEl-YX74WCWEGOK/0b6d7bc60b540b1"
 ],
 [
     "amazon-elb",
     "ELB app/EC2Co-EcsEl-YX74WCWGGOK/0b6bd7c60b540b1"
 ],
 [
     "amazon-elasticache",
     "ElastiCache alon-003"
 ]

AWS Console

You can do the same using the AWS console. Under EC2->Network Interfaces, search for the desired vpc-id in the search bar. enter image description here

Code

Using a python script called vpc-inside.py you can describe all of your VPC resources.

usage: vpc-inside.py [-h] -v VPC [-r REGION] [-p PROFILE]

optional arguments:
  -h, --help                     show this help message and exit
  -v VPC, --vpc VPC              The VPC to annihilate
  -r REGION, --region REGION     AWS region that the VPC resides in
  -p PROFILE, --profile PROFILE  AWS profile

And the output will look like this:


EKSs in VPC vpc-07ef7f777429cfd82:
Omikron
--------------------------------------------
ASGs in VPC vpc-07ef7f777429cfd82:
eks-pooks-9ebf225b-70a9-a026-034f-c7431df9b7ba resides in vpc-07ef7f777429cfd82
eks-pooks-9ebf225b-70a9-a026-034f-c7431df9b7ba
--------------------------------------------
RDSs in VPC vpc-07ef7f777429cfd82:
--------------------------------------------
EC2s in VPC vpc-07ef7f777429cfd82:
i-0c63874d77ea2ba78
i-043740f224015e69e
--------------------------------------------
Lambdas in VPC vpc-07ef7f777429cfd82:
--------------------------------------------
Classic ELBs in VPC vpc-07ef7f777429cfd82:
--------------------------------------------
ELBs V2 in VPC vpc-07ef7f777429cfd82:
--------------------------------------------
NAT GWs in VPC vpc-07ef7f777429cfd82:
--------------------------------------------
VPC EndPoints in VPC vpc-07ef7f777429cfd82:
--------------------------------------------
IGWs in VPC vpc-07ef7f777429cfd82:
--------------------------------------------
ENIs in VPC vpc-07ef7f777429cfd82:
eni-079231232dc136305
eni-05ff227eca8341a08
eni-0c01b2871887ac3f7
eni-00e11d4f9590161b4
--------------------------------------------
Security Groups in VPC vpc-07ef7f777429cfd82:
sg-0b4554a65e1560745
sg-0f93574d6b180b263
--------------------------------------------
Routing tables in VPC vpc-07ef7f777429cfd82:
rtb-0694bdbdd696b2bed
rtb-072ec82a18d8a04ba
--------------------------------------------
ACLs in VPC vpc-07ef7f777429cfd82:
acl-0c0087eabf9335940
--------------------------------------------
Subnets in VPC vpc-07ef7f777429cfd82:
subnet-0b8cc1132727e5b5d
subnet-0e47ee92a9ca80280
subnet-0c25990d9a138616b
--------------------------------------------

Upvotes: 35

KrishnaSaha
KrishnaSaha

Reputation: 199

You can try in AWS Config > Advanced queries and run below query :

All resources: SELECT resourceId, resourceName, resourceType

Resources directly associated to VPC: SELECT resourceId, resourceName, resourceType WHERE relationships.resourceId = 'vpc-02368dae78f1387e5'

Query can be further enhanced, see some example of preconfigured query.

Upvotes: 19

John Rotenstein
John Rotenstein

Reputation: 269101

VPCs mostly contain EC2 instances, RDS instances, Load Balancers and Lambda functions. Plus, things that use EC2 underneath, like Elasticache. These are the types of resources that connect into a VPC.

Some people suggest using the Tag Editor to find resources: Is there a way to list all resources in AWS.

I also like aws inventory, which simply runs in your browser and does a great job of showing resources. Just give it an Access Key and Secret Key to run.

Upvotes: 8

Chris Williams
Chris Williams

Reputation: 35146

There's no built in service to easily do this.

The best hope you'd have of find all resources is programatically looping over resources that support:

  • SubnetId
  • VpcId

Upvotes: 0

Related Questions