AWS Account ReportAWS ACM Certificate Age ReportAWS ACM Certificate DashboardAWS ACM Certificate DetailAWS API Gateway V2 API Age ReportAWS API Gateway V2 API DashboardAWS API Gateway V2 API DetailAWS Backup Plan DetailAWS Backup Vault DetailAWS CloudFront Distribution DashboardAWS CloudFront Distribution DetailAWS CloudTrail Trail DashboardAWS CloudTrail Trail DetailAWS CloudTrail Trail Encryption ReportAWS CloudTrail Trail Logging ReportAWS CloudWatch Log Group DetailAWS CodeBuild Project Age ReportAWS CodeBuild Project DashboardAWS CodeBuild Project DetailAWS CodeCommit Repository Age ReportAWS CodeCommit Repository DashboardAWS CodeCommit Repository DetailAWS CodePipeline Pipeline Age ReportAWS CodePipeline Pipeline DashboardAWS CodePipeline Pipeline DetailAWS DAX Cluster DetailAWS DynamoDB Table Age ReportAWS DynamoDB Table DashboardAWS DynamoDB Table DetailAWS DynamoDB Table Encryption ReportAWS EBS Snapshot Age ReportAWS EBS Snapshot DashboardAWS EBS Snapshot DetailAWS EBS Snapshot Public Access ReportAWS EBS Volume Age ReportAWS EBS Volume DashboardAWS EBS Volume DetailAWS EBS Volume Encryption ReportAWS EC2 AMI DetailAWS EC2 Application Load Balancer DetailAWS EC2 Classic Load Balancer DetailAWS EC2 Gateway Load Balancer DetailAWS EC2 Instance Age ReportAWS EC2 Instance DashboardAWS EC2 Instance DetailAWS EC2 Instance Public Access ReportAWS EC2 Network Interface DetailAWS EC2 Network Load Balancer DetailAWS ECR Repository Age ReportAWS ECR Repository DashboardAWS ECR Repository DetailAWS ECS Cluster DashboardAWS ECS Cluster DetailAWS ECS Service DetailAWS ECS Task Definition DetailAWS EFS File System Age ReportAWS EFS File System DashboardAWS EFS File System DetailAWS EKS Cluster Age ReportAWS EKS Cluster DashboardAWS EKS Cluster DetailAWS ElastiCache Cluster DetailAWS ElastiCache Cluster Node Age ReportAWS ElastiCache Cluster Node DashboardAWS ElastiCache Cluster Node DetailAWS EMR Cluster Age ReportAWS EMR Cluster DashboardAWS EMR Cluster DetailAWS EventBridge Rule DetailAWS IAM Access Key Age ReportAWS IAM Action Glob ReportAWS IAM Credential ReportAWS IAM Group DashboardAWS IAM Group DetailAWS IAM Policy DetailAWS IAM Role DashboardAWS IAM Role DetailAWS IAM Root Access ReportAWS IAM User DashboardAWS IAM User DetailAWS IAM User Excessive Privilege ReportAWS IAM User MFA ReportAWS KMS CMK Lifecycle ReportAWS KMS Key Age ReportAWS KMS Key DashboardAWS KMS Key DetailAWS Lambda Function DashboardAWS Lambda Function DetailAWS Lambda Function Encryption ReportAWS Lambda Function Public Access ReportAWS OpenSearch Domain DetailAWS RDS DB Cluster Age ReportAWS RDS DB Cluster DashboardAWS RDS DB Cluster DetailAWS RDS DB Cluster Encryption ReportAWS RDS DB Cluster Logging ReportAWS RDS DB Cluster Snapshot Age ReportAWS RDS DB Cluster Snapshot DashboardAWS RDS DB Cluster Snapshot DetailAWS RDS DB Cluster Snapshot Encryption ReportAWS RDS DB Instance Age ReportAWS RDS DB Instance DashboardAWS RDS DB Instance DetailAWS RDS DB Instance Encryption ReportAWS RDS DB Instance Logging ReportAWS RDS DB Instance Public Access ReportAWS RDS DB Instance Snapshot Age ReportAWS RDS DB Instance Snapshot DashboardAWS RDS DB Instance Snapshot DetailAWS RDS DB Instance Snapshot Encryption ReportAWS Redshift Cluster Age ReportAWS Redshift Cluster DashboardAWS Redshift Cluster DetailAWS Redshift Cluster Encryption ReportAWS Redshift Cluster Logging ReportAWS Redshift Cluster Public Access ReportAWS Redshift Snapshot DetailAWS S3 Bucket Age ReportAWS S3 Bucket DashboardAWS S3 Bucket DetailAWS S3 Bucket Encryption ReportAWS S3 Bucket Lifecycle ReportAWS S3 Bucket Logging ReportAWS S3 Bucket Public Access ReportAWS SNS Topic DashboardAWS SNS Topic DetailAWS SNS Topic Encryption ReportAWS SQS Queue DashboardAWS SQS Queue DetailAWS SQS Queue Encryption ReportAWS VPC DashboardAWS VPC DetailAWS VPC Elastic IP DetailAWS VPC Flow Logs DetailAWS VPC Flow Logs ReportAWS VPC Security Group DashboardAWS VPC Security Group DetailAWS VPC Subnet Detail
Dashboard: AWS VPC Security Group Dashboard
This dashboard answers the following questions:
- How many security groups are in each account and region?
- How many security groups are not associated?
- How many default security groups are present?
- How many security groups with unrestricted ingress for SSH & RDP?
- How many security groups are associated with each VPC?
This dashboard contains 4 cards.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-insightsStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select AWS VPC Security Group Dashboard dashboard.
You could also snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe dashboard run aws_insights.dashboard.vpc_security_group_dashboard --shareQueries
This dashboard uses the the following queries:
with default_sg as ( select group_id, case when group_name = 'default' then true else false end as is_default from aws_vpc_security_group)select case when is_default then 'default' else 'non-default' end as default_status, count(*)from default_sggroup by is_default;