Auto update your dynamic EC2 security group IP

Use at your own risk.

Posted by Mike Apted on December 28, 2015

If your public IP address changes routinely due to your ISP, frequent physical relocation, or any other reason it can be tempting to leave SSH open to 0.0.0.0/0 in your AWS EC2 security groups. This is generally a bad idea. This script allows you to add a simple cron job that will handle that update for you transparently in the background.

This is not a one size fits all solution to the problem but it's a small tool I use locally to minimize frustration. Assess the suitability of something like this for your environment's unique constraints. i.e. do you have your AWS CLI configured with a default account with permission to edit security groups?, does this make you itchy in any way?, etc..

I'll be looking to add some small updates when time permits, things like:

  • Passing an array of security groups to update
  • Supporting multiple AWS CLI profiles
  • Better notification of failures/errors

Reminder: this is more of a pet project than a serious undertaking. Code is on GitHub here.


Category

aws

Tags

ec2 awscli convenience