Cloud custodian policy to get all open ports of AWS EC2 instance

Question

I want to list down all open ports for an ec2 instance using cloud custodian policy.. Is there a possible way to do this in single step

policies:
name: ec2-by-port
    resource: ec2
    filters:    
type: security-group
        match-resource: true
        key: FromPort
        value: 80
        key: ToPort
        value: 80

here is the policy file I tried, But I get all the ec2 instances instead of the instances filtered according to port openness.. Please help me with this

Are the outputted resources the same as if the filter is commented out ? If so, then this might be a bug in which case you should open a ticket on the [cloud-custodian github project](https://github.com/cloud-custodian/cloud-custodian/issues). — SomeGuyOnAComputer, Sep 20 '20 at 16:04

score 0 · Answer 1 · answered Sep 18 '20 at 11:30

0

The formatting of your policy seems wrong. This looks like it should do the trick.

policies:
  - name: ec2-by-port
    resource: ec2
    filters:    
      - type: security-group
        match-resource: true
        key: FromPort
        value: 80
        key: ToPort
        value: 80

answered Sep 18 '20 at 11:30

SomeGuyOnAComputer

5,414
6
40
72

No that solution also does not worked for me. My Intention is to get All publicly open ports of Ec2 instance. If you have any other policy to do so please let me know. -Thanks – isurikz Sep 19 '20 at 18:01

Cloud custodian policy to get all open ports of AWS EC2 instance

1 Answers1