Updating Inbound rules in specified Security Group (AWS EC2)

program.cs

using Amazon;
using Amazon.EC2;

const string CREDENTIALS_PROFILE = "mine";
const string SECUTIRY_GROUP = "sg-XXXXXXXXX";
const string MATCH_PHRASE = "any part of description";
const string RULE_DESCRIPTION = "new description";
RegionEndpoint region=Amazon.RegionEndpoint.USEast1;

using var httpClient = new HttpClient();
string ip = await (await httpClient.GetAsync("http://myexternalip.com/raw")).Content.ReadAsStringAsync();


var sharedFile = new Amazon.Runtime.CredentialManagement.SharedCredentialsFile();
sharedFile.TryGetProfile(CREDENTIALS_PROFILE, out Amazon.Runtime.CredentialManagement.CredentialProfile profile);
Amazon.Runtime.CredentialManagement.AWSCredentialsFactory.TryGetAWSCredentials(profile, sharedFile, out Amazon.Runtime.AWSCredentials awsCredentials);
var client = new AmazonEC2Client(awsCredentials, region);

var describeRequest = new Amazon.EC2.Model.DescribeSecurityGroupRulesRequest();
var describeSecurityGroupRulesResponse = await client.DescribeSecurityGroupRulesAsync(describeRequest);
if (describeSecurityGroupRulesResponse.HttpStatusCode==System.Net.HttpStatusCode.OK)
{
    var rules = describeSecurityGroupRulesResponse.SecurityGroupRules.Where(g=>g.GroupId== SECUTIRY_GROUP).ToArray();
    var items = rules.Where(r => !string.IsNullOrEmpty(r.Description) && r.Description.Contains(MATCH_PHRASE,StringComparison.OrdinalIgnoreCase)).ToArray();
    if (items.Length > 0)
    {
        var revokeRequest = new Amazon.EC2.Model.RevokeSecurityGroupIngressRequest();
        revokeRequest.GroupId = SECUTIRY_GROUP;
        revokeRequest.SecurityGroupRuleIds.AddRange(items.Select(g => g.SecurityGroupRuleId));
        var revokeResponse = await client.RevokeSecurityGroupIngressAsync(revokeRequest);
    }
}

var ingresRequest = new Amazon.EC2.Model.AuthorizeSecurityGroupIngressRequest();
ingresRequest.GroupId = SECUTIRY_GROUP;
var ipRanges = new List<Amazon.EC2.Model.IpRange>();
ipRanges.Add(new Amazon.EC2.Model.IpRange() { CidrIp = $"{ip}/32", Description = RULE_DESCRIPTION });
//WARNING: specify only required protocol(s)!
ingresRequest.IpPermissions.Add(new Amazon.EC2.Model.IpPermission() { IpProtocol = "-1", Ipv4Ranges = ipRanges });

var authorizeSecurityGroupIngressResponse = await client.AuthorizeSecurityGroupIngressAsync(ingresRequest);

In case if you are working with AWS by using internet without a static IP you are always need to update security group Inbound rules. And AWS CLI doesn't support updating specified rules. That's why you are always need to open AWS Console remove old rules and then add new rules.
This gist just revoking rules by matching description with specified string, and then adding new rule with new IP and description