Nice Parakeet Marriage

    detach-aws-sg-from-eni

    1.0.1 • Public • Published

    detach-aws-sg-from-eni

    NPX script that lists all the ENIs that are attached to a specific security group and gives the option to remove that security group attachement.

    npx detach-aws-sg-from-eni --id sg-04749f5c743ca2c8c
    

    or

    npx detach-aws-sg-from-eni --name my-garbage-sg
    

    Under the hood, this NPX script used the following AWS CLI v2 commands:

    • List the ENIs:
    aws ec2 describe-network-interfaces --filters Name=...,Values=...
    
    • Update the security group IDs on those ENIs:
    aws ec2 modify-network-interface-attribute --network-interface-id <ENI ID> --groups <SG ID 2> <SG ID 2>
    

    Official doc at:

    Why creating this

    When provisioning AWS Lambda in private subnets using IaC tools such as Pulumi, Terraform or CloudFormation, ENIs are created in the background. If security groups are also configured on that Lambda, those security groups are implicitly attached to those ENIs, though those ENIs are not explicitly described in the IaC scripts. When the stack is destroyed, the security groups get stuck because the IaC is not aware of the relation between the ENIs and those security groups. Manually detaching security groups from ENIs in the AWS console can be tedious and prone to human mistakes. This utility aims to fix this issue safely and transparently.

    License

    BSD 3-Clause License

    Install

    npm i detach-aws-sg-from-eni

    DownloadsWeekly Downloads

    8

    Version

    1.0.1

    License

    BSD-3-Clause

    Unpacked Size

    11.1 kB

    Total Files

    7

    Last publish

    Collaborators

    • neapnic