Question:
I want to add my current working PC's IP to a security group and enable all traffic for it. Every time I should do that manually with the web dashboard.
How could I do it with a shell script?
The following are the most common AWS CLI commands I used, but I couldn't find how to add an IP to a specific security group.
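```sh
# List each instance's Name tag, instance ID, public IP and private IP
list_instances() {
    aws ec2 describe-instances \
        --query 'Reservations[].Instances[].[Tags[?Key==`Name`].Value,InstanceId,PublicIpAddress,PrivateIpAddress]' \
        --output text
}

# Start the instance whose ID is passed as the first argument
start_instance() {
    aws ec2 start-instances --instance-ids "$1"
}
```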
Answer:
Here’s a script that determines the current computer’s IP address, then uses the AWS Command-Line Interface (CLI) to add access for ports 22 (SSH) and 3389 (RDP) — much safer than adding access on ALL ports.
```sh
# Retrieve current IP address
IP=$(curl -s http://whatismyip.akamai.com/)

# Authorize access on ports 22 and 3389
aws ec2 authorize-security-group-ingress --group-name "SG-NAME" --protocol tcp --port 22 --cidr "$IP/32" --profile class --output text
aws ec2 authorize-security-group-ingress --group-name "SG-NAME" --protocol tcp --port 3389 --cidr "$IP/32" --profile class --output text
```
It assumes that the AWS CLI has access to credentials, either via Instance Metadata (on Amazon EC2 instances) or from a local credentials file configured via aws configure.
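An added example, not part of the original answer: a hardened variant of the script above that checks the IP lookup response is a well-formed IPv4 address before it reaches `--cidr`, and treats an already-existing rule as success so the script can be re-run. The function names `is_ipv4` and `authorize_my_ip` are hypothetical; the lookup URL, ports and `--profile class` are taken from the answer.

```sh
# Succeeds only for a dotted-quad IPv4 address with octets 0-255 and no
# leading zeros. Anything else (empty body, HTML error page, a value that
# already carries a /prefix) is rejected.
is_ipv4() (
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;;
    esac
    IFS=.
    set -- $1                      # split on dots; input is digits and dots only
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        case "$octet" in 0?*) exit 1 ;; esac
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# Adds <current IP>/32 to the named security group for ports 22 and 3389.
# Prints the CIDR that was authorized; returns non-zero on any failure.
authorize_my_ip() (
    group=$1
    # The lookup runs over plain HTTP, so the body is untrusted input.
    ip=$(curl -s --max-time 10 http://whatismyip.akamai.com/) || exit 1
    is_ipv4 "$ip" || { echo "unexpected response from IP service" >&2; exit 1; }
    for port in 22 3389; do
        out=$(aws ec2 authorize-security-group-ingress --group-name "$group" \
              --protocol tcp --port "$port" --cidr "$ip/32" \
              --profile class --output text 2>&1) && continue
        case "$out" in
            *InvalidPermission.Duplicate*) ;;    # rule already present
            *) echo "$out" >&2; exit 1 ;;
        esac
    done
    echo "$ip/32"
)

# Usage: authorize_my_ip "SG-NAME"
```

Rules added this way stay in the group after your address changes, so stale /32 entries should be revoked periodically.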