Python 3 script for migrating AWS EC2 Security Groups across availability regions
Python 3, Bash and the AWS CLI must be properly installed. No special configuration is needed.
The AWS Access Key and Secret Key are taken from the default profile (~/.aws). They can be set with aws configure.
--h (help)
Shows available keys and their behavior
--s (shell)
Wraps AWS CLI commands into Shell. Optional.
--v (vpc)
Sets VPC ID of destination VPC. Optional.
--sc (src)
Sets source AWS availability region
--ds (dest)
Sets destination AWS availability region. Optional.
Security Group ID
Non-prefix parameter, denoting which group is to be migrated
The solution consists of two scripts: the initial Python generation script and the resulting Bash script that creates the Security Groups. With the first script the user sets the desired parameters, from which an intermediate Bash script with AWS CLI commands is generated. To create the Security Groups, run this generated Bash script. If a group with the same name is found in the destination region, it is recreated with the updated rules.
The initial script is run as follows:
python aws_sg_migrate.py --vpc=vpc-05643b6c --shell --src=us-east-1 --dest=us-west-1 sg-74323418
For creating pure AWS CLI commands
python aws_sg_migrate.py --vpc=vpc-05643b6c --src=us-east-1 --dest=us-west-1 sg-74323418
For migrating Security Groups from the current region, the --src parameter can be omitted. The current region is taken from the profile
python aws_sg_migrate.py --vpc=vpc-05643b6c --dest=us-west-1 sg-74323418
For replicating a Security Group into all regional availability zones, the --vpc parameter can be omitted; in that way it will be replicated into all regions
python aws_sg_migrate.py --src=us-east-1 sg-74323418
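A pre-migration check worth running before the generated Bash script, shown as an added example and not the code of aws_sg_migrate.py: it turns one group from `aws ec2 describe-security-groups` output into the AWS CLI commands for the destination region, flags world-open ingress rules, and drops rule parts that reference group or prefix-list IDs, which exist only in the source region. The names `plan_migration`, `sh` and `SAMPLE` are hypothetical, the sample data is constructed, and only ingress rules are handled.

```python
import json
import shlex

OPEN_CIDRS = {"0.0.0.0/0", "::/0"}
REGION_SCOPED = ("UserIdGroupPairs", "PrefixListIds")  # IDs valid only in the source region

# Constructed sample in the shape of one "SecurityGroups" element; not real output.
SAMPLE = {
    "GroupName": "web", "Description": "web tier", "GroupId": "sg-74323418",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [], "UserIdGroupPairs": []},
        {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432, "IpRanges": [], "Ipv6Ranges": [],
         "UserIdGroupPairs": [{"GroupId": "sg-0example", "UserId": "111122223333"}]},
    ],
}

def sh(args):
    """Join argv into one safely quoted shell command."""
    return " ".join(shlex.quote(a) for a in args)

def plan_migration(group, dest_region, vpc_id=None):
    """Return (commands, warnings) for recreating the group's ingress rules."""
    warnings, portable = [], []
    for rule in group.get("IpPermissions", []):
        label = "{} {}-{}".format(rule["IpProtocol"], rule.get("FromPort"), rule.get("ToPort"))
        cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        if OPEN_CIDRS & set(cidrs):
            warnings.append("world-open ingress: " + label)
        if any(rule.get(k) for k in REGION_SCOPED):
            warnings.append("region-scoped reference dropped: " + label)
        if cidrs:  # keep only the CIDR part of the rule
            portable.append({k: v for k, v in rule.items() if k not in REGION_SCOPED and v != []})
    create = ["aws", "ec2", "create-security-group", "--region", dest_region,
              "--group-name", group["GroupName"], "--description", group["Description"]]
    if vpc_id:
        create += ["--vpc-id", vpc_id]
    create += ["--query", "GroupId", "--output", "text"]
    commands = ['NEW_SG="$(' + sh(create) + ')"']  # capture the new group's ID
    if portable:
        auth = ["aws", "ec2", "authorize-security-group-ingress", "--region", dest_region,
                "--ip-permissions", json.dumps(portable)]
        commands.append(sh(auth) + ' --group-id "$NEW_SG"')
    return commands, warnings

if __name__ == "__main__":
    cmds, warns = plan_migration(SAMPLE, "us-west-1", "vpc-05643b6c")
    print("\n".join(["# " + w for w in warns] + cmds))
```

Rules reported as dropped have to be re-created by hand against the matching groups in the destination region.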