Open bastion host security group with the current IP linked to a specific port
# Change the SSH port on the host by editing the sshd configuration:
#   vim /etc/ssh/sshd_config
# Find the commented-out Port line ('#Port 22'), uncomment it and change it to the desired PORT,
# then restart sshd so the new port takes effect.
# Configure your local environment to SSH with the new port (~/.ssh/config):
#   Host bastion
#     User ec2-user
#     Hostname bastion.company.com
#     IdentityFile ~/.ssh/mykey
#     Port 23456
# Set an alias to quickly open access when changing location:
#   alias openbastion='python openbastion.py'
# openbastion.py
import ipaddress

import boto3
import requests
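# Label written into the rule's Description so the rule's creator is visible
# when the security group is reviewed.
NAME = 'omer'

# Ask an external service for this machine's public address. The timeout keeps
# the script from hanging indefinitely, and raise_for_status() stops it from
# treating an HTTP error page as an address.
IP = requests.get("https://api.ipify.org", timeout=10)
IP.raise_for_status()

# The response body ends up in a firewall rule, so parse it strictly as a
# single IPv4 address first; anything else raises ValueError and no rule is
# created.
SOURCE_IP = ipaddress.IPv4Address(IP.text.strip())

# Must match the Port configured in sshd_config on the bastion.
# NOTE(review): the SSH config example in this file's header comment uses
# 23456 while this is 2223 — confirm which one the host listens on.
PORT = 2223
GROUPID = 'sg-e086c39e'

ec2 = boto3.resource('ec2')
security_group = ec2.SecurityGroup(GROUPID)

# Allow TCP on PORT from exactly this address (/32). This script only adds
# rules: entries for earlier locations stay in the group until they are
# revoked, so the group needs periodic review.
response = security_group.authorize_ingress(
    IpPermissions=[
        {
            'FromPort': PORT,
            'IpProtocol': 'tcp',
            'IpRanges': [
                {
                    'CidrIp': '{}/32'.format(SOURCE_IP),
                    'Description': 'Created By {}'.format(NAME)
                },
            ],
            'ToPort': PORT,
        },
    ],
    DryRun=False
)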