@cynicXer
Created July 14, 2017 18:38
AWS Modify Default Security Group Bash Script
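#!/usr/bin/env bash
# Replace the ingress rules of the "default" security group in every region:
# drop the built-in self-referencing any/any rule, then allow 22, 80 and 443.
groupname=default

# Regions enabled for this account, as a whitespace-separated list.
regions=$(aws ec2 describe-regions \
  --output text \
  --query 'Regions[*].RegionName')

for region in $regions; do
  # Look up the default group's ID (name lookups only match the default VPC).
  default_group_id=$(aws ec2 describe-security-groups \
      --region "$region" \
      --group-names "$groupname" \
      --output json \
    | jq -r '.SecurityGroups[] | .GroupId')

  # Skip regions where the lookup returned nothing (for example, no default VPC).
  if [ -z "$default_group_id" ]; then
    echo "No $groupname group found in region: $region, skipping"
    continue
  fi

  echo "Revoking any/any rule from default groupID: $default_group_id in region: $region"
  # The built-in rule allows all traffic from members of the group itself.
  aws ec2 revoke-security-group-ingress \
    --region "$region" \
    --group-name "$groupname" \
    --protocol "all" \
    --port "all" \
    --source-group "$default_group_id"

  echo "Adding rules to $groupname in $region..."
  # SSH from any IPv4 address; narrow the CIDR to an admin range where possible.
  aws ec2 authorize-security-group-ingress \
    --region "$region" \
    --group-name "$groupname" \
    --protocol "tcp" \
    --port "22" \
    --cidr "0.0.0.0/0"

  # HTTP from any IPv4 address.
  aws ec2 authorize-security-group-ingress \
    --region "$region" \
    --group-name "$groupname" \
    --protocol "tcp" \
    --port "80" \
    --cidr "0.0.0.0/0"

  # HTTPS from any IPv4 address.
  aws ec2 authorize-security-group-ingress \
    --region "$region" \
    --group-name "$groupname" \
    --protocol "tcp" \
    --port "443" \
    --cidr "0.0.0.0/0"
done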
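
An added check, not part of the original gist: after the script runs, this audits JSON in the shape returned by `aws ec2 describe-security-groups` and reports any ingress rule open to the whole internet or still referencing the group itself. The sample document and its group ID are constructed for the example; the function names are this example's own.

```python
import json

# Constructed sample shaped like `aws ec2 describe-security-groups` output
# (the group ID is made up for this example).
SAMPLE = json.loads("""
{"SecurityGroups": [{
  "GroupId": "sg-00000000example", "GroupName": "default",
  "IpPermissions": [
    {"IpProtocol": "-1",
     "UserIdGroupPairs": [{"GroupId": "sg-00000000example"}], "IpRanges": []},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "UserIdGroupPairs": []}
  ]}]}
""")

WORLD = {"0.0.0.0/0", "::/0"}


def port_label(perm):
    """Render a rule's protocol and port range; protocol -1 means all traffic."""
    if perm.get("IpProtocol") == "-1":
        return "all"
    lo, hi = perm.get("FromPort"), perm.get("ToPort")
    proto = perm["IpProtocol"]
    return f"{proto}/{lo}" if lo == hi else f"{proto}/{lo}-{hi}"


def audit(doc):
    """Return (group_id, finding, ports) for each risky ingress rule."""
    findings = []
    for sg in doc.get("SecurityGroups", []):
        for perm in sg.get("IpPermissions", []):
            cidrs = [r.get("CidrIp") for r in perm.get("IpRanges", [])]
            cidrs += [r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])]
            if WORLD & set(cidrs):
                findings.append((sg["GroupId"], "world-open", port_label(perm)))
            if any(p.get("GroupId") == sg["GroupId"]
                   for p in perm.get("UserIdGroupPairs", [])):
                findings.append((sg["GroupId"], "self-reference", port_label(perm)))
    return findings


if __name__ == "__main__":
    for group_id, finding, ports in audit(SAMPLE):
        print(f"{group_id}\t{finding}\t{ports}")
```

To run it against a live account, load the saved output of `aws ec2 describe-security-groups --output json` with `json.load` and pass it to `audit` in place of `SAMPLE`.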