Add current IP to Security Group in AWS using a description & port as filter

aws-update-dynamic-ip

#!/bin/bash
  
while [[ "$#" -gt 0 ]]; do
    case $1 in
        -g|--group) group="$2"; shift ;;
        -d|--description) description="$2"; shift;;
        -p|--port) port="$2"; shift;;
        -i|--ip) ip="$2"; shift;;
        -f|--force) force=1;;
        -h|--help) help=1;;
        *) echo "Unknown parameter passed: $1"; exit 1 ;;
    esac
    shift
done

if [ -n "$help" ]; then
    echo "usage: ./update-ip.sh -g <group-name> -d <description> [-p <port>] [-i <ip>]";
    echo "use -f to force, if the rule is not present"
    exit;
fi

if [ -z "$port" ]; then
   port=22;
fi

# Remove existing rules
echo "Trying to remove rules with description '${description}' port ${port} from ${group}...";
cidr=$(aws ec2 describe-security-groups --group-name ${group} \
    | jq -r ".SecurityGroups[] | .IpPermissions[] | select(.FromPort == ${port}) | .IpRanges[] | select(.Description == \"${description}\") | .CidrIp");

if [ -z "$cidr" ] && [ -z "$force" ]; then
   echo "No CIDR block found for ${description} port ${port}";
   exit;
fi

if [ -n "$cidr" ]; then
   echo "Removing previous CIDR: ${cidr} for ${description} port ${port} in ${group}";
   status=$(aws ec2 revoke-security-group-ingress \
        --group-name ${group} \
        --port ${port} \
        --protocol tcp \
        --cidr ${cidr} | jq -r ".Return");
   # check if successful
   if [ "${status}" != "true" ]; then
      echo "Could not remove CIDR from ${group}";
      exit;
   fi
fi


# Add new rule with current IP
if [ -z "$ip" ]; then
 ip=$(curl -s4 v4.ifconfig.co);
fi
echo "Adding current IP: $ip for port $port to $group with description $description...";
aws ec2 authorize-security-group-ingress \
        --group-name ${group} \
        --ip-permissions IpProtocol=tcp,FromPort=${port},ToPort=${port},IpRanges="[{CidrIp=${ip}/32,Description=\"${description}\"}]"
echo "Done!";