HEX
Server: Apache/2.4.41 (Ubuntu)
System: Linux ip-172-31-42-149 5.15.0-1084-aws #91~20.04.1-Ubuntu SMP Fri May 2 07:00:04 UTC 2025 aarch64
User: ubuntu (1000)
PHP: 7.4.33
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
Upload Files
File: //usr/local/aws-cli/v2/dist/awscli/examples/ec2/describe-stale-security-groups.rst
**To describe stale security groups**

This example describes stale security group rules for ``vpc-11223344``. The response shows that sg-5fa68d3a in your account has a stale ingress SSH rule that references ``sg-279ab042`` in the peer VPC, and that ``sg-fe6fba9a`` in your account has a stale egress SSH rule that references ``sg-ef6fba8b`` in the peer VPC.

Command::

  aws ec2 describe-stale-security-groups --vpc-id vpc-11223344

Output::

  {
    "StaleSecurityGroupSet": [
        {
            "VpcId": "vpc-11223344", 
            "StaleIpPermissionsEgress": [
                {
                    "ToPort": 22, 
                    "FromPort": 22, 
                    "UserIdGroupPairs": [
                        {
                            "VpcId": "vpc-7a20e51f", 
                            "GroupId": "sg-ef6fba8b", 
                            "VpcPeeringConnectionId": "pcx-b04deed9", 
                            "PeeringStatus": "active"
                        }
                    ], 
                    "IpProtocol": "tcp"
                }
            ], 
            "GroupName": "MySG1", 
            "StaleIpPermissions": [], 
            "GroupId": "sg-fe6fba9a", 
            "Description": MySG1"
        }, 
        {
            "VpcId": "vpc-11223344", 
            "StaleIpPermissionsEgress": [], 
            "GroupName": "MySG2", 
            "StaleIpPermissions": [
                {
                    "ToPort": 22, 
                    "FromPort": 22, 
                    "UserIdGroupPairs": [
                        {
                            "VpcId": "vpc-7a20e51f", 
                            "GroupId": "sg-279ab042",
                            "Description": "Access from pcx-b04deed9", 
                            "VpcPeeringConnectionId": "pcx-b04deed9", 
                            "PeeringStatus": "active"
                        }
                    ], 
                    "IpProtocol": "tcp"
                }
            ], 
            "GroupId": "sg-5fa68d3a", 
            "Description": "MySG2"
        }
    ]
  }