API tools faq
paste
HuggyBear

SecGroupUpdates

HuggyBear
Nov 23rd, 2020 (edited)
1,553
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 2.45 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/bash
  2.  
  3. ENVI="$HOME/.config/environment/externalIP"
  4.  
  5. CURRENTIP=$(<"$ENVI")
  6. NEWIP=$(curl --silent -4 ifconfig.me)
  7.  
  8. ## STATIC FOR SCAWS ONLY ##
  9. GROUPID="sg-e90aa08d"
  10.  
  11. printf "Current IP: %s\n" "$NEWIP"
  12. printf "Last logged IP: %s\n" "$CURRENTIP"
  13. printf "Security Group: %s\n" "$GROUPID"
  14.  
  15. if [[ "$CURRENTIP" != "$NEWIP" ]]; then
  16.     # UPDATE LOCAL FILE
  17.     echo "$NEWIP" > ~/.config/externalIP
  18.    
  19.     ## FORMAT IPs ##
  20.     CURRENTIP+="/32"
  21.     NEWIP+="/32"
  22.  
  23.     # REVOKE EXISTING RULES TCP Ports 22, 1125, 5201 & UDP port 5201
  24.     printf " aws ec2 revoke-security-group-ingress --group-id "$GROUPID" --protocol tcp --port 1125 --cidr "$CURRENTIP" "
  25.     exit
  26.     aws ec2 revoke-security-group-ingress --group-id "$GROUPID" --protocol tcp --port 5201 --cidr "$CURRENTIP"
  27.     aws ec2 revoke-security-group-ingress --group-id "$GROUPID" --protocol tcp --port 22 --cidr "$CURRENTIP"
  28.     aws ec2 revoke-security-group-ingress --group-id "$GROUPID" --protocol UDP --port 5201 --cidr "$CURRENTIP"
  29.    
  30.     # ADD NEW RULES WITH NEW IP
  31.     aws ec2 authorize-security-group-ingress --group-id "$GROUPID" --protocol tcp --port 22 --cidr "$NEWIP"
  32.     aws ec2 authorize-security-group-ingress --group-id "$GROUPID" --protocol tcp --port 1125 --cidr "$NEWIP"
  33.     aws ec2 authorize-security-group-ingress --group-id "$GROUPID" --protocol tcp --port 5201 --cidr "$NEWIP"
  34.     aws ec2 authorize-security-group-ingress --group-id "$GROUPID" --protocol udp --port 5201 --cidr "$NEWIP"
  35.    
  36.     # ADD DESCRIPTION TO NEW RULE
  37.     aws ec2 update-security-group-rule-descriptions-ingress --group-id "$GROUPID" --ip-permissions "'[{\"IpProtocol\":\"tcp\",\"FromPort\":22,\"ToPort\":22,\"IpRanges\":[{\"CidrIp\":\"$NEWIP\",\"Description\":\"$USER Home\"}]]'"
  38.     aws ec2 update-security-group-rule-descriptions-ingress --group-id "$GROUPID" --ip-permissions "'[{\"IpProtocol\":\"tcp\",\"FromPort\":1125,\"ToPort\":1125,\"IpRanges\":[{\"CidrIp\":\"$NEWIP\",\"Description\":\"$USER Home\"}]]'"
  39.     aws ec2 update-security-group-rule-descriptions-ingress --group-id "$GROUPID" --ip-permissions "'[{\"IpProtocol\":\"tcp\",\"FromPort\":5201,\"ToPort\":5201,\"IpRanges\":[{\"CidrIp\":\"$NEWIP\",\"Description\":\"$USER Home\"}]]'"
  40.     aws ec2 update-security-group-rule-descriptions-ingress --group-id "$GROUPID" --ip-permissions "'[{\"IpProtocol\":\"udp\",\"FromPort\":5201,\"ToPort\":5201,\"IpRanges\":[{\"CidrIp\":\"$NEWIP\",\"Description\":\"$USER Home\"}]]'"
  41. elif [[ "$CURRENTIP" == "$NEWIP" ]]; then
  42.     date
  43.     printf "Public IP, %s$CURRENTIP, is unchagned.\n"
  44. fi
  45.  
  46.  
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!