
@griggheo
Created January 11, 2018 23:35
import copy
import hashlib
import json
import socket
import urllib2

import boto3
# ID of the security group whose ingress rules get rewritten.
# "sg-XXXX" is a placeholder; set it to the real group ID before deploying.
SECURITY_GROUP_ID = "sg-XXXX"
# Description text that tags the ingress rule to replace. Rules are selected
# by an exact string match on this text, so the description on the rule in the
# security group has to be spelled identically.
SECURITY_RULE_DESCR = "My Home IP"
def lambda_handler(event, context):
    """Lambda entry point: forward the new address to update_security_group.

    The address is taken as the first value of the ``event`` mapping; the key
    name is ignored. If the event carries more than one key, which value comes
    first depends on the mapping's iteration order. ``context`` is unused.

    The value is supplied by whoever invokes the function, so permission to
    invoke it is effectively permission to choose the address the rule allows.

    Returns:
        Whatever update_security_group returns.
    """
    event_values = list(event.values())
    return update_security_group(event_values[0])
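def _require_ipv4(address):
    """Return *address* unchanged if it is a plain dotted-quad IPv4 address.

    Raises:
        ValueError: if *address* is anything else (a CIDR, a hostname, an
            empty string, a non-string value, ...).
    """
    try:
        socket.inet_pton(socket.AF_INET, address)
    except (socket.error, TypeError, ValueError):
        raise ValueError("not a valid IPv4 address: %r" % (address,))
    return address


def update_security_group(new_ip_address):
    """Point the ingress rules tagged SECURITY_RULE_DESCR at a new /32.

    For every permission in SECURITY_GROUP_ID, each IPv4 range whose
    description equals SECURITY_RULE_DESCR and whose CIDR differs from
    ``new_ip_address/32`` is revoked and replaced by a single range for the
    new address carrying the same description.

    Only the tagged ranges are revoked and re-authorized. Other ranges in the
    same permission are left alone, so a failed call cannot remove them.
    Permissions that hold no tagged range, or whose tagged range is already
    current, trigger no API call at all.

    The function calls only DescribeSecurityGroups, RevokeSecurityGroupIngress
    and AuthorizeSecurityGroupIngress, so the execution role needs no other
    EC2 actions.

    Args:
        new_ip_address: dotted-quad IPv4 address, without a prefix length.

    Returns:
        An empty string.

    Raises:
        ValueError: if ``new_ip_address`` is not a plain IPv4 address. This is
            checked before any AWS call is made.
    """
    # The address comes straight from the Lambda event. Validate it before it
    # is formatted into a rule, so a malformed value cannot cause the old rule
    # to be revoked and the replacement to be rejected.
    new_cidr = "%s/32" % _require_ipv4(new_ip_address)

    client = boto3.client('ec2')
    response = client.describe_security_groups(GroupIds=[SECURITY_GROUP_ID])
    group = response['SecurityGroups'][0]

    for permission in group['IpPermissions']:
        # Description is optional on a range, so use .get() rather than
        # indexing; an untagged range must not raise KeyError.
        tagged = [
            ip_range for ip_range in permission.get('IpRanges', [])
            if ip_range.get('Description') == SECURITY_RULE_DESCR
        ]
        stale = [r for r in tagged if r.get('CidrIp') != new_cidr]
        if not stale:
            continue

        # Protocol/port selector of this permission. FromPort and ToPort are
        # absent for some protocols, so copy only the keys that exist.
        selector = dict(
            (key, permission[key])
            for key in ('IpProtocol', 'FromPort', 'ToPort')
            if key in permission
        )

        # Revoke first, then authorize. If the second call fails, the tagged
        # rule is gone rather than a stale address staying allowed.
        client.revoke_security_group_ingress(
            GroupId=group['GroupId'],
            IpPermissions=[dict(selector, IpRanges=stale)],
        )
        if len(stale) == len(tagged):
            # No tagged range already carries the new CIDR, so add it.
            replacement = {'CidrIp': new_cidr, 'Description': SECURITY_RULE_DESCR}
            client.authorize_security_group_ingress(
                GroupId=group['GroupId'],
                IpPermissions=[dict(selector, IpRanges=[replacement])],
            )

    return ""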

ranjit009 commented Feb 1, 2018

Is it possible to create Security Groups using Lambda ?
Thanks
