How can I get the the ID of an AWS security group if I know the name?

Question

I'm using the AWS CLI and I want to get the ID of security group whose name I know (kingkajou_sg). How can I do it?

When I ask it to list all the security groups, it does so happily:

$ aws ec2 describe-security-groups | wc -l
     430

When I grep through this information, I see that the SG in question is listed:

$ aws ec2 describe-security-groups | grep -i kingkajou_sg
            "GroupName": "kingkajou_sg",

However, when I try to get the information about only that security group, it won't let me. Why?

$ aws ec2 describe-security-groups --group-names kingkajou_sg

An error occurred (InvalidGroup.NotFound) when calling the 
DescribeSecurityGroups operation: The security group 'kingkajou_sg' does not exist in default VPC 'vpc-XXXXXXXX'

Can someone please provide me the one line command that I can use to extract the Security group's ID given its name? You can assume that the command will be run from within an EC2 which is in the same VPC as the Security group.

Answer 1

From the API Documentation:

--group-names (list)

[EC2-Classic and default VPC only] One or more security group names. You can specify either the security group name or the security group ID. For security groups in a nondefault VPC, use the group-name filter to describe security groups by name.

If you are using a non-default VPC, use the Filter

aws ec2 describe-security-groups --filter Name=vpc-id,Values=<my-vpc-id> Name=group-name,Values=kingkajou_sg --query 'SecurityGroups[*].[GroupId]' --output text