AWS Security Group Rules Limit

2

1

Is there any way to trigger an alert when an AWS security group reaches the maximum limit of 50 rules per group, and when the maximum of 5 security groups per instance is reached?

user2083200

Posted 2015-07-22T04:04:38.757

Reputation: 43

Answers

2

The AWS Trusted Advisor allows for a weekly status update. https://console.aws.amazon.com/trustedadvisor/

Some of its metrics include "Large Number of EC2 Security Group Rules Applied to an Instance" and "Large Number of Rules in an EC2 Security Group". There are a lot of other useful metrics in there as well.

I assume you know where you can check your current limits, but just in case: https://console.aws.amazon.com/ec2/v2/home?region=eu-west-1#Limits:

where you replace the region with the one you're interested in, or you can select it in the dropdown in the top right.

If the weekly updates are not enough, it's probably easiest to just create a script that calls the API and tallies the current security groups and their rules.

madeddie

Posted 2015-07-22T04:04:38.757

Reputation: 351

1

As the number of security groups can reach/exceed the limit at any time of the day and week, calling an API would be the best option – pun – 2015-07-23T15:45:40.230

1

Yes, this can be relatively easily accomplished by using curl with the API, or even better, one of the language-specific SDKs and libraries that are available. – madeddie – 2015-07-24T14:04:44.793
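One way to do the tallying that the answer and the comments above describe, as an added example that is not from the thread: a Python script that counts rules per group and groups per instance from the shape of EC2's `describe_security_groups` / `describe_instances` responses. The sample data, the thresholds (taken from the limits quoted in the question; real quotas differ by account and are adjustable) and the optional boto3 fetch helper are assumptions.

```python
"""Tally EC2 security-group rules and per-instance group attachments and
flag anything at or over a threshold. Constructed example; the limits
below are the ones quoted in the question, not necessarily your quota."""

RULES_PER_GROUP = 50      # assumed limit from the question
GROUPS_PER_INSTANCE = 5   # assumed limit from the question


def rule_count(group):
    """Count rules the way the quota does: one per CIDR, IPv6 range,
    prefix list or referenced group inside each permission, inbound + outbound."""
    total = 0
    for perm in group.get("IpPermissions", []) + group.get("IpPermissionsEgress", []):
        total += (len(perm.get("IpRanges", [])) + len(perm.get("Ipv6Ranges", []))
                  + len(perm.get("PrefixListIds", [])) + len(perm.get("UserIdGroupPairs", [])))
    return total


def check(groups, instances, max_rules=RULES_PER_GROUP, max_groups=GROUPS_PER_INSTANCE):
    """Return one alert string per group or instance at/over its limit."""
    alerts = []
    for g in groups:
        n = rule_count(g)
        if n >= max_rules:
            alerts.append(f"{g['GroupId']} has {n} rules (limit {max_rules})")
    for inst in instances:
        n = len(inst.get("SecurityGroups", []))
        if n >= max_groups:
            alerts.append(f"{inst['InstanceId']} has {n} security groups (limit {max_groups})")
    return alerts


def fetch_live(region):
    """Pull the same data from the API with boto3 (assumed helper, not run here)."""
    import boto3
    ec2 = boto3.client("ec2", region_name=region)
    groups = ec2.describe_security_groups()["SecurityGroups"]
    instances = [i for r in ec2.describe_instances()["Reservations"] for i in r["Instances"]]
    return groups, instances


# Constructed sample shaped like the describe_* responses: 48 inbound CIDRs
# plus one egress CIDR and one egress group reference = exactly 50 rules.
SAMPLE_GROUPS = [
    {"GroupId": "sg-aaaa0001",
     "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                        "IpRanges": [{"CidrIp": f"10.0.{i}.0/24"} for i in range(48)]}],
     "IpPermissionsEgress": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
                              "UserIdGroupPairs": [{"GroupId": "sg-aaaa0002"}]}]},
    {"GroupId": "sg-aaaa0002", "IpPermissions": [], "IpPermissionsEgress": []},
]
SAMPLE_INSTANCES = [
    {"InstanceId": "i-0123456789abcdef0",
     "SecurityGroups": [{"GroupId": f"sg-aaaa000{k}"} for k in range(1, 6)]},
    {"InstanceId": "i-0fedcba9876543210", "SecurityGroups": [{"GroupId": "sg-aaaa0001"}]},
]

for line in check(SAMPLE_GROUPS, SAMPLE_INSTANCES):
    print("ALERT:", line)
```

Swap `SAMPLE_GROUPS, SAMPLE_INSTANCES` for `fetch_live("eu-west-1")` and run it from cron to get the alert the weekly Trusted Advisor report cannot give you.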