@0xtf
Last active June 23, 2019 15:34
Update entries inside an AWS Security Group based on their description
#!/bin/bash
# This is based on the work done at https://gist.github.com/isalgueiro/212a612fc232f1437ce88876937691d3/revisions#diff-c6d6f47361666bfba5538e6e0101bafd
set -euo pipefail
####################
# Define variables #
####################
# Expected for securityGroupIds is sg-...
securityGroupIds="Insert_Your_SGID"
# Expected for ruleDescription is something like Home, or OfficeNY
ruleDescription="Insert_Your_RuleDescription"
# Expected for rulePort is the port number, like 22, or 443
rulePort="22"
# Retrieve my public IP
publicIP=$(dig +short myip.opendns.com @resolver1.opendns.com)
if [ -z "${publicIP}" ]; then
  echo "Could not determine public IP" >&2
  exit 1
fi
## Define cidrIP and describe rules that match the conditions
## (port and description are passed to jq with --argjson/--arg instead of being spliced into the filter;
##  tail -n 1 keeps the last match, whereas the original tail -1f would follow the pipe and never return)
cidrIP=$(aws ec2 describe-security-groups --group-ids "$securityGroupIds" \
  | jq -r --argjson port "$rulePort" --arg desc "$ruleDescription" \
      '.SecurityGroups[0].IpPermissions[] | select(.ToPort == $port) | .IpRanges[] | select(.Description == $desc) | .CidrIp' \
  | tail -n 1)
## Nothing to do if the rule already points at the current IP
if [ "${cidrIP}" = "${publicIP}/32" ]; then
  echo "Rule '${ruleDescription}' already allows ${publicIP}/32 on port ${rulePort}"
  exit 0
fi
## Revoke the old entry if one was found
if [ -n "${cidrIP}" ]; then
  aws ec2 revoke-security-group-ingress --group-id "$securityGroupIds" \
    --ip-permissions '[{"IpProtocol": "tcp", "FromPort": '"$rulePort"', "ToPort": '"$rulePort"', "IpRanges": [{"CidrIp": "'"$cidrIP"'"}]}]'
fi
## Add the new rule with the conditions that were set
aws ec2 authorize-security-group-ingress --group-id "$securityGroupIds" \
  --ip-permissions '[{"IpProtocol": "tcp", "FromPort": '"$rulePort"', "ToPort": '"$rulePort"', "IpRanges": [{"CidrIp": "'"$publicIP"'/32", "Description": "'"$ruleDescription"'"}]}]'
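The selection and update logic the script performs with jq and the AWS CLI, as an added example that is not part of the gist: it runs offline against a constructed `describe-security-groups` response (sample group id, CIDRs and descriptions are made up), finds every entry on a port whose Description matches, and produces the revoke/authorize plan, covering the cases the script handles only implicitly (no existing entry, entry already current, several stale entries with the same label). The `ip_permissions_arg` helper builds the same `--ip-permissions` JSON the script passes on the command line.

```python
import json

# Constructed sample of an `aws ec2 describe-security-groups` response (not real data):
# two labelled SSH entries and one public HTTPS entry.
SAMPLE_RESPONSE = json.dumps({
    "SecurityGroups": [{
        "GroupId": "sg-0123456789abcdef0",  # placeholder id
        "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [
                 {"CidrIp": "198.51.100.7/32", "Description": "Home"},
                 {"CidrIp": "203.0.113.9/32", "Description": "OfficeNY"}]},
            {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
             "IpRanges": [{"CidrIp": "0.0.0.0/0", "Description": "Public"}]},
        ],
    }]
})


def find_cidrs(response_json, port, description, proto="tcp"):
    """Return every CidrIp on `port`/`proto` whose Description equals `description`.
    Unlike the jq | tail -n 1 pipeline, this keeps all matches, not just the last one."""
    perms = json.loads(response_json)["SecurityGroups"][0]["IpPermissions"]
    return [
        rng["CidrIp"]
        for p in perms
        if p.get("IpProtocol") == proto and p.get("FromPort") == port and p.get("ToPort") == port
        for rng in p.get("IpRanges", [])
        if rng.get("Description") == description
    ]


def plan_update(response_json, port, description, public_ip, proto="tcp"):
    """Return the (action, cidr) calls needed so that the entry labelled `description`
    allows exactly public_ip/32. Empty list means the group is already correct.
    The new rule is authorized before stale ones are revoked, so access never lapses."""
    wanted = f"{public_ip}/32"
    existing = find_cidrs(response_json, port, description, proto)
    actions = [] if wanted in existing else [("authorize", wanted)]
    actions += [("revoke", c) for c in existing if c != wanted]
    return actions


def ip_permissions_arg(port, cidr, description=None, proto="tcp"):
    """Build the JSON string passed to --ip-permissions for a single CIDR on one port."""
    rng = {"CidrIp": cidr}
    if description is not None:
        rng["Description"] = description
    return json.dumps([{"IpProtocol": proto, "FromPort": port, "ToPort": port, "IpRanges": [rng]}])
```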