Created
July 23, 2018 13:09
-
-
Save andytwoods/c07324140a12b1e344e3bbd98058141a to your computer and use it in GitHub Desktop.
small script to add home ip address to AWS RDS security group.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # step 1, create a new security group and associate it with your existing RDS, alongside existing SGs (modify your DB instance to do this). | |
| # step 2, add profile and security_group_id info below. | |
| # step 3, python add_homeIP_to_RDS_securitygroup.py | |
| import boto3 | |
| from botocore.exceptions import ClientError | |
| import requests | |
| profile = "xxxxx" | |
| security_group_id = "sg-xxxxxxxxxxxxxxx" | |
| port = 25 | |
| region = "eu-west-1" | |
| ip = requests.get('http://ip.42.pl/raw').text + '/32' | |
| session = boto3.session.Session(profile_name=(profile), region_name=(region)) | |
| ec2 = session.resource('ec2') | |
| SG = ec2.SecurityGroup(security_group_id) | |
| try: | |
| SG.revoke_ingress(IpPermissions=SG.ip_permissions) | |
| except ClientError: | |
| pass # when there are no permissions to start with | |
| SG.authorize_ingress(IpProtocol="tcp", CidrIp=ip, FromPort=5432, ToPort=5432) | |
| print(f'wiped existing security group permissions and added {ip}') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment