Is there a way to export all AWS Security Groups to CSV? moreover, is there a recommended way of keeping track of SR changes?

We have a relatively small dev environment in AWS with about 50 Security groups with multiple permission entries. is there a recommended way of keeping track of SR changes, Access, etc?

My manager dont want to use AWS config (Price wise), so the only way i think of is to export all of the SR to a CSV file - how do I do that?

Thank you! : )

AWS config at $0.003 per change is a trivial cost. It is likely to cost you FAR more to do this any other way. If you really want to do it the hard way you can use the AWS ClI to export json, parse that using some custom written software, and add the parsed data to some kind of data store.

A better way to approach this would be to define all your security groups in CloudFormation, version control it in git / CodeCommit and deploy using CloudFormation, and change IAM permissions so no-one or few people can change security groups in the console.

You can do exports from the console. Here's how.

1. Login to the AWS console, navigate to the EC2 service
2. Select Security Groups
3. Select the top most square checkbox
4. You’ll see a big dropdown button that says, “Export Security Groups to CSV“, simply click it!

Done, your CSV will automatically download.