Skip to content

Instantly share code, notes, and snippets.

@eikenb
Created October 29, 2013 19:21
Show Gist options
  • Save eikenb/7220916 to your computer and use it in GitHub Desktop.
Save eikenb/7220916 to your computer and use it in GitHub Desktop.
Simple script to give yourself temporary access to aws security groups.
#!/usr/bin/python
"""
This script will add your current IP to the security group for all ports. It
then waits for a key-press and proceeds to delete the IP from the security
group. This lets you grant yourself access temporarily from home without
leaving your (possibly changing) IP everywhere.
It requires AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables
to be set.
"""
from __future__ import print_function
import os, os.path, time, subprocess
from boto.ec2 import connect_to_region
from argparse import ArgumentParser
import boto
parser = ArgumentParser(description=__doc__)
parser.add_argument("region", type=str, nargs='?',
default='us', choices=['eu','au','us'])
regions = {'eu':'eu-west-1', 'au':'ap-east-2', 'us':'us-east-1'}
parser.add_argument("security_groups", type=str, nargs='+')
args = parser.parse_args()
#print(args)
myip = subprocess.check_output(['curl', '-s' ,'ifconfig.me']).strip()+"/32"
try:
ec2 = connect_to_region(regions[args.region])
except boto.exception.NoAuthHandlerFound:
parser.error("AWS credential environment variables not set.")
try:
security_groups = ec2.get_all_security_groups(args.security_groups)
except boto.exception.EC2ResponseError:
parser.error("One of your security groups doesn't exist.")
groups = (', ').join(args.security_groups)
print("Adding %s too %s in %s..." % (myip, groups, args.region))
for sg in security_groups:
sg.authorize('tcp', 0, 65535, myip)
raw_input("Press any key to continue and remove %s from %s..." %
(myip, groups))
print("Removing %s from security groups..." % myip)
for sg in security_groups:
sg.revoke('tcp', 0, 65535, myip)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment