When you have an S3 endpoint target in a securitygroup, the entry is not listed by the tool

Using Python 3.6. Same error with 2.7. Virtualenv. On macOS 10.
I could export to JSON but not CSV.

I tried changing output = StringIO.StringIO() to output = StringIO() like I saw in another thread. It didn't work.

(env) host:ec2-security-groups-dumper user$ ec2-security-groups-dumper --csv > sg.csv
Traceback (most recent call last):
File "/Users/user/Documents/aws/ec2-security-groups-dumper/env/bin/ec2-security-groups-dumper", line 11, in
sys.exit(main())
File "/Users/user/Documents/aws/ec2-security-groups-dumper/env/lib/python3.6/site-packages/ec2_security_groups_dumper/main.py", line 376, in main
print(firewall.csv)
File "/Users/user/Documents/aws/ec2-security-groups-dumper/env/lib/python3.6/site-packages/ec2_security_groups_dumper/main.py", line 255, in csv
output = StringIO.StringIO()
AttributeError: type object '_io.StringIO' has no attribute 'StringIO'

AWS recently added the ability to record a description against individual SG rules. It'd be great if this tool could export those aswell.

@lra
here is what i get. again the JSON works fine, it is the CSV

[root@ip-10-0-1-32 ~]# ec2-security-groups-dumper --csv
Traceback (most recent call last):
File "/usr/local/bin/ec2-security-groups-dumper", line 9, in
load_entry_point('ec2-security-groups-dumper==1.1', 'console_scripts', 'ec2-security-groups-dumper')()
File "/usr/local/lib/python2.6/site-packages/ec2_security_groups_dumper/main.py", line 281, in main
print firewall.csv
File "/usr/local/lib/python2.6/site-packages/ec2_security_groups_dumper/main.py", line 213, in csv
writer.writeheader()
AttributeError: DictWriter instance has no attribute 'writeheader'
[root@ip-10-0-1-32 ~]#

Hello, is it possible to add the EC2 and RDS ID?

I'm having difficult changing the AWS region where the security groups are being pull. I tired setting the region in ~/.aws/config and ~/.boto, but it only pull the security groups from us-east-1.

First off, thank you for hard work on this great tool!
I am running into an issue with csv output for rules that have a security group defined in "rules_grants_group_id" . Data for the "rules_ip_protocol" column is missing in the mentioned scenario.

Removing https://github.com/percolate/ec2-security-groups-dumper/blob/master/ec2_security_groups_dumper/main.py#L62-L63 from the code allows non tcp/udp protocols to come through as their IP protocol number, which is useful

Exporting to JSON works fine, but when I try CSV, I get the error below.

ec2-security-groups-dumper --csv

Traceback (most recent call last):
File "/usr/local/bin/ec2-security-groups-dumper", line 9, in
load_entry_point('ec2-security-groups-dumper==1.0', 'console_scripts', 'ec2-security-groups-dumper')()
File "/usr/local/lib/python2.7/dist-packages/ec2_security_groups_dumper/main.py", line 280, in main
print firewall.csv
File "/usr/local/lib/python2.7/dist-packages/ec2_security_groups_dumper/main.py", line 213, in csv
for fr in self.rules:
File "/usr/local/lib/python2.7/dist-packages/ec2_security_groups_dumper/main.py", line 151, in rules
raise ValueError
ValueError

Any ideas?

I am not getting the description of each rule being pulled from the export. In the CSV the rules_description column is all blank, and in the json, the rules all have a description of "description": null.

Any reason for this?

i was orignally getting this error with python 2:

AttributeError: class StringIO has no attribute 'StringIO'

i saw others had related issue and followed

changing
output = StringIO.StringIO()

to

output = StringIO()

now i get this error for both python 2 and python3 👍
Traceback (most recent call last):
File "/usr/local/bin/ec2-security-groups-dumper", line 10, in
sys.exit(main())
File "/usr/local/lib/python3.7/site-packages/ec2_security_groups_dumper/main.py", line 376, in main
print(firewall.csv)
File "/usr/local/lib/python3.7/site-packages/ec2_security_groups_dumper/main.py", line 269, in csv
for fr in self.rules:
File "/usr/local/lib/python3.7/site-packages/ec2_security_groups_dumper/main.py", line 197, in rules
rules_description=grant_row['description'])
File "/usr/local/lib/python3.7/site-packages/ec2_security_groups_dumper/main.py", line 66, in init
u'tcp', u'udp', u'icmp', u'icmpv6', "-1", None)
AssertionError

Greetings All,

I was wondering if someone is using this script could shed some light please..

1. First in the this Doc EC2 dumper script the script name in the install command has dashes and not underscores, like so:
   pip install ec2-security-groups-dumper

So I used the name with underscores to install it: ec2_security_groups_dumper (see below)

bash-3.2$ pip install ec2_security_groups_dumper Collecting ec2_security_groups_dumper Downloading ec2-security-groups-dumper-1.7.1.tar.gz Collecting boto (from ec2_security_groups_dumper) Downloading boto-2.48.0-py2.py3-none-any.whl (1.4MB) 100% |████████████████████████████████| 1.4MB 718kB/s Collecting docopt (from ec2_security_groups_dumper) Downloading docopt-0.6.2.tar.gz Installing collected packages: boto, docopt, ec2-security-groups-dumper Running setup.py install for docopt ... done Running setup.py install for ec2-security-groups-dumper ... done Successfully installed boto-2.48.0 docopt-0.6.2 ec2-security-groups-dumper-1.7.1

2. Now, I am having issues running the script:

Please note, I run it with dashes and underscores, nothing works

>> with underscores
bash-3.2$ ec2_security_groups_dumper --json > /tmp/ec2-sec-grp.csv bash: ec2_security_groups_dumper: command not found
>> with dashes
bash-3.2$ ec2-security-groups-dumper --json > /tmp/ec2-sec-grp.csv bash: ec2-security-groups-dumper: command not found

Here is the directory I am running it from: as you can see the script name has underscores and not dashes, but in the Doc it uses dashes.. I am confused :(
bash-3.2$ ls -ltr
-rwxr-xr-x@ 1 abdel.aboufariss staff 999 Aug 25 15:16 setup.py
drwxr-xr-x@ 4 abdel.aboufariss staff 136 Aug 25 15:16 ec2_security_groups_dumper
-rwxr-xr-x@ 1 abdel.aboufariss staff 204 Aug 25 15:16 circle.yml
-rwxr-xr-x@ 1 abdel.aboufariss staff 252 Aug 25 15:16 Makefile
-rwxr-xr-x@ 1 abdel.aboufariss staff 35122 Aug 25 15:16 LICENSE
-rwxr-xr-x@ 1 abdel.aboufariss staff 1238 Oct 6 17:49 README.md

Thanks for your input..
-AJ

Thanks for coming up with this nice tool. But I get an error for csv option

ec2-security-groups-dumper --csv
Traceback (most recent call last):
File "/usr/local/bin/ec2-security-groups-dumper", line 11, in
sys.exit(main())
File "/Library/Python/2.7/site-packages/ec2_security_groups_dumper/main.py", line 295, in main
print firewall.csv
File "/Library/Python/2.7/site-packages/ec2_security_groups_dumper/main.py", line 228, in csv
for fr in self.rules:
File "/Library/Python/2.7/site-packages/ec2_security_groups_dumper/main.py", line 162, in rules
rules_grants_cidr_ip=grant_row['cidr_ip'])
File "/Library/Python/2.7/site-packages/ec2_security_groups_dumper/main.py", line 57, in init
assert rules_ip_protocol in (u'tcp', u'udp', u'icmp', None)
AssertionError

I've seen other threads (Reddit, etc.) talking about having ec2-security-groups-dumper export to usable CloudFormation templates (yaml). This would be extremely helpful.

Are there other solutions out there using the output of ec2-security-groups-dumper in csv or json as valid input to easily create a new security group using the dumped output?

Is there a way to list security groups from non-default vpc's?