@aculich
Forked from hibernado/aws_repoint_to_my_ip.sh
Last active October 26, 2015 21:36
Repoint AWS EC2 Security Group inbound access to my current IP address
#!/bin/bash
# Summary:
# Bash script repoints all inbound access for a given AWS EC2 security group
# to your current IP addr(v4) as reported by checkip.amazonaws.com
# Only the first CIDR range of each rule (IpRanges[0]) is considered.
# To use this script:
# Pass the name of a security group as a command line argument
# e.g. $ aws_repoint_to_my_ip.sh SECURITYGROUPNAME
# Notes:
# You need to have AWS CLI installed and configured. See http://aws.amazon.com/cli/
# To set it up, see this page http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-set-up.html
# See also: http://www.joyofdata.de/blog/guide-to-aws-ec2-on-cli/
if [ $# -eq 0 ]
then
echo -e 'Please provide the name of a security group\n\te.g. . aws_repoint_to_my_ip.sh SECURITYGROUPNAME'
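# "return" only works when the script is sourced; fall back to "exit" when it is executed
return 1 2>/dev/null || exit 1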
fi
# Search for the group-id based on the Group Name provided
MYGROUPNAME=$1 # $1 is SECURITYGROUPNAME argument passed to the script
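# Get my IP addr(v4) alternatives: curl icanhazip.com; curl ifconfig.me/ip
MYIP=$(curl -s https://checkip.amazonaws.com)
# MYIP is spliced into command lines below, so accept nothing but a dotted-quad IPv4 address
if ! [[ $MYIP =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]
then
echo "Could not determine current IPv4 address (got: '$MYIP')"
return 1 2>/dev/null || exit 1
fi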
# Print all existing inbound access
echo ''
echo "Current entries for group: $MYGROUPNAME"
aws ec2 describe-security-groups \
--filters "Name=group-name,Values=$MYGROUPNAME" \
--query 'SecurityGroups[0].IpPermissions[*].{ip:IpRanges[0].CidrIp,protocol:IpProtocol,from:FromPort,to:ToPort}' \
--output table
# Revoke all existing inbound access
echo ''
aws ec2 describe-security-groups \
--filters "Name=group-name,Values=$MYGROUPNAME" \
--query 'SecurityGroups[0].IpPermissions[*].[IpRanges[0].CidrIp,IpProtocol,FromPort,ToPort]' \
--output text \
| awk -v grpnm="${MYGROUPNAME}" -v newip="${MYIP}" '{
# Columns: $1=CidrIp $2=IpProtocol $3=FromPort $4=ToPort
# For tcp/udp port ranges pass FromPort-ToPort, otherwise FromPort alone
port = (($2 == "tcp" || $2 == "udp") && $3 != $4) ? $3 "-" $4 : $3;
print "aws ec2 revoke-security-group-ingress --group-name "grpnm" --cidr "$1" --protocol "$2" --port "port;
system ("aws ec2 revoke-security-group-ingress --group-name "grpnm" --cidr "$1" --protocol "$2" --port "port" > /dev/null 2>&1");
print "aws ec2 authorize-security-group-ingress --group-name "grpnm" --cidr "newip"/32 --protocol "$2" --port "port;
system ("aws ec2 authorize-security-group-ingress --group-name "grpnm" --cidr "newip"/32 --protocol "$2" --port "port" > /dev/null 2>&1");
}' # " > /dev/null 2>&1" : This redirects stdout and stderr to /dev/null. Remove it if you would like to see the
# response from the server printed on screen
# Print all new inbound access
echo ''
echo ''
echo "New entries for group: $MYGROUPNAME"
aws ec2 describe-security-groups \
--filters "Name=group-name,Values=$MYGROUPNAME" \
--query 'SecurityGroups[0].IpPermissions[*].{ip:IpRanges[0].CidrIp,protocol:IpProtocol,from:FromPort,to:ToPort}' \
--output table
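
Added example (not part of the original gist): the script splices the IP lookup result and the describe-security-groups rows into command lines run through awk's system(), so this sketch validates the address first and only prints the revoke/authorize plan for review. The function names is_ipv4 and plan_repoint, the restricted group-name character set, the tcp/udp-only handling and the sample rows are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not part of the original gist.

# True only for a dotted-quad IPv4 address with each octet in 0-255.
# The body is a subshell, so the IFS change and variables stay local.
is_ipv4() (
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;;
    esac
    IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# Reads "cidr protocol from to" rows (the --output text shape the script
# queries) on stdin and prints a revoke/authorize pair per tcp/udp rule.
# It only prints the plan: nothing is executed or handed to a shell.
plan_repoint() (
    group=$1 newip=$2
    is_ipv4 "$newip" || { echo "refusing: lookup did not return an IPv4 address" >&2; exit 1; }
    case $group in   # conservative character set, an assumption of this example
        ''|*[!A-Za-z0-9._-]*) echo "refusing: unexpected group name" >&2; exit 1 ;;
    esac
    while read -r cidr proto from to; do
        case $proto in
            tcp|udp) ;;
            *) echo "skipped, handle manually: $cidr $proto $from $to" >&2; continue ;;
        esac
        case $cidr$from$to in
            *[!0-9./]*) echo "skipped, unexpected fields: $cidr $proto $from $to" >&2; continue ;;
        esac
        port=$from
        [ "$from" = "$to" ] || port=$from-$to
        for action in revoke authorize; do
            if [ "$action" = authorize ]; then cidr=$newip/32; fi
            echo "aws ec2 $action-security-group-ingress --group-name $group --cidr $cidr --protocol $proto --port $port"
        done
    done
)

# Constructed sample rows (tab-separated, as the CLI prints them).
printf '198.51.100.4/32\ttcp\t22\t22\n198.51.100.4/32\ttcp\t8000\t8100\nNone\t-1\tNone\tNone\n' |
    plan_repoint example-sg 203.0.113.7
```

Rows that are not plain tcp/udp rules with a CIDR (all-traffic rules, ICMP, group references) are reported on stderr and left untouched.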