How to Delete an Unused Security Group
Overview
Unused security groups add clutter to your VPC configuration and make it harder to audit your security posture. While AWS does not charge for security groups, keeping unused resources creates management overhead and potential confusion during incident response. This tutorial walks through identifying and deleting an unused security group in the AWS Console.
Cost Impact: No direct cost savings, but reduces clutter and simplifies security audits.
Prerequisites
- AWS Console access with EC2 permissions
- At least one unused (unattached) security group in your account
Step 1: Open the Security Groups Console
Navigate to the EC2 Security Groups console.
You'll see a list of all security groups in your account.
Step 2: Find the Unused Security Group
In the search bar, enter the security group ID sg-0b6a179b9f5de4f88 or name remediation-sg-unused-unused-sg to locate the target resource.
Step 3: Select the Security Group
Select the checkbox next to the security group remediation-sg-unused-unused-sg (sg-0b6a179b9f5de4f88). You can verify it is unused by checking the Network interfaces tab in the details pane below — it should show no associated resources.
Step 4: Delete the Security Group
Click Actions → Delete security groups.
Step 5: Confirm Deletion
In the confirmation dialog, type delete and click Delete to permanently remove the security group. Since this security group is not attached to any resources, deletion will not affect any running workloads.
Step 6: Verify Deletion
You should see a success notification confirming the security group has been deleted. The security group will no longer appear in the list.
Alternative Approaches
AWS CLI
Delete an unused security group using the AWS CLI:
aws ec2 delete-security-group \
  --group-id sg-0b6a179b9f5de4f88 \
  --region us-east-1
Bulk Cleanup
For bulk cleanup, consider using Cloud Custodian with the unused filter to identify and remove all unattached security groups automatically.
Summary
Deleting unused security groups is a quick housekeeping win:
- Reduced clutter: Fewer security groups to audit and manage
- Simpler incident response: Easier to identify which security groups are actively in use
- Better compliance: Clean security group inventory supports audit readiness
Best Practice: Regularly audit security groups for unused entries. Implement automated scanning to catch unattached security groups before they accumulate.
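The following is an added example, not part of the original tutorial, of the automated scan recommended above. It extends the Network interfaces check from Step 3 by also flagging groups that another group's rules reference and the VPC default group, both of which AWS refuses to delete. It works on the JSON shapes returned by aws ec2 describe-security-groups and aws ec2 describe-network-interfaces; the function name, the status labels and all sample data except the tutorial's own group are constructed for illustration.

```python
# Added example: classify unattached security groups from saved AWS CLI JSON.

def classify_unattached(sg_response, eni_response):
    """Map each group that has no network interface to a status.

    "deletable":  nothing attached and no other group's rule names it
    "referenced": another group's rule names it; delete-security-group
                  fails with DependencyViolation until that rule is removed
    "default":    the VPC default group, which cannot be deleted
    """
    groups = sg_response["SecurityGroups"]
    attached = {g["GroupId"]
                for eni in eni_response["NetworkInterfaces"]
                for g in eni.get("Groups", [])}
    referenced = set()
    for sg in groups:
        rules = sg.get("IpPermissions", []) + sg.get("IpPermissionsEgress", [])
        for rule in rules:
            for pair in rule.get("UserIdGroupPairs", []):
                # A rule pointing at its own group does not block deletion.
                if pair.get("GroupId") != sg["GroupId"]:
                    referenced.add(pair.get("GroupId"))
    status = {}
    for sg in groups:
        gid = sg["GroupId"]
        if gid in attached:
            continue  # in use, not a cleanup candidate
        if sg["GroupName"] == "default":
            status[gid] = "default"
        elif gid in referenced:
            status[gid] = "referenced"
        else:
            status[gid] = "deletable"
    return status

# Constructed sample responses; only the first group comes from the tutorial.
SAMPLE_SGS = {"SecurityGroups": [
    {"GroupId": "sg-0b6a179b9f5de4f88", "GroupName": "remediation-sg-unused-unused-sg"},
    {"GroupId": "sg-0aaaaaaaaaaaaaaa1", "GroupName": "web",
     "IpPermissions": [{"UserIdGroupPairs": [{"GroupId": "sg-0aaaaaaaaaaaaaaa2"}]}]},
    {"GroupId": "sg-0aaaaaaaaaaaaaaa2", "GroupName": "lb"},
    {"GroupId": "sg-0aaaaaaaaaaaaaaa3", "GroupName": "default"},
]}
SAMPLE_ENIS = {"NetworkInterfaces": [
    {"NetworkInterfaceId": "eni-0aaaaaaaaaaaaaaa1",
     "Groups": [{"GroupId": "sg-0aaaaaaaaaaaaaaa1", "GroupName": "web"}]},
]}

if __name__ == "__main__":
    for gid, state in classify_unattached(SAMPLE_SGS, SAMPLE_ENIS).items():
        print(gid, state)
```

Feed it the two responses for a single region. A group reported as deletable can still be named in a launch template or Auto Scaling launch configuration, which this check does not inspect.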