I am trying to clean up my AWS configuration and I want to know if particular subnets are actually used/have any resources in them.
I'm aware you can filter a list of a particular resource type (e.g. EC2 instances) by subnet id, through the AWS web interface, but I am not yet aware of all of the different resource types that may be used - so I am concerned I may miss something.
I have tried inspecting the subnet via the AWS CLI, but I can't see anything that clearly differentiates subnets that are in use and those that are not:
aws ec2 describe-subnets
This question deals with enumerating all IP addresses within a particular subnet's CIDR block, but it doesn't reveal how to show only active IP addresses (which I could presumably use to find the attached AWS resources and confirm a subnet is indeed in use).
This seems like it would be a common task, but I can find no AWS documentation or SO posts on how to do this. Perhaps there is something flawed in my approach.
You can use AWS CLI to list all ENIs associated with the VPC and prettify the output using the --query parameter to get a resource list with the desired fields (AZ, instance-id, etc.).
Public subnets have a default route to an Internet Gateway; private subnets do not. So, to determine if a given subnet is public or private, you need to describe the route table that is associated with that subnet. That will tell you the routes and you can test for a 0.0.
aws ec2 describe-network-interfaces --filters Name=subnet-id,Values=subnet-id-here | grep Description
(replace subnet-id-here
with the subnet id in mind)
The above command will give you the names of resources in that subnet.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With