AWS Modify Default Security Group Bash Script
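#!/usr/bin/env bash
# Rewrites the ingress rules of the "default" security group in every region:
# revokes the built-in self-referencing any/any rule, then allows 22, 80 and 443.
# Requires the AWS CLI and jq. Looking a group up by name only resolves
# groups in the region's default VPC.
groupname=default

# All region names enabled for the account, whitespace-separated.
regions=$(aws ec2 describe-regions \
    --output text \
    --query 'Regions[*].RegionName')

for region in $regions; do
    # ID of the default group in this region (needed as the rule's source group).
    default_group_id=$(aws ec2 describe-security-groups \
        --region "$region" \
        --group-names "$groupname" \
        --output json \
        | jq -r '.SecurityGroups[] | .GroupId')

    echo "Revoking any/any rule from default groupID: $default_group_id in region: $region"
    aws ec2 revoke-security-group-ingress \
        --region "$region" \
        --group-name "$groupname" \
        --protocol "all" \
        --port "all" \
        --source-group "$default_group_id"

    echo "Adding rules to $groupname in $region..."
    # SSH from any IPv4 address. Narrow --cidr to an admin range if
    # world-reachable SSH is not intended.
    aws ec2 authorize-security-group-ingress \
        --region "$region" \
        --group-name "$groupname" \
        --protocol "tcp" \
        --port "22" \
        --cidr "0.0.0.0/0"
    # HTTP from any IPv4 address.
    aws ec2 authorize-security-group-ingress \
        --region "$region" \
        --group-name "$groupname" \
        --protocol "tcp" \
        --port "80" \
        --cidr "0.0.0.0/0"
    # HTTPS from any IPv4 address.
    aws ec2 authorize-security-group-ingress \
        --region "$region" \
        --group-name "$groupname" \
        --protocol "tcp" \
        --port "443" \
        --cidr "0.0.0.0/0"
done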
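
A post-run check, added here as an example and not part of the original gist: it audits the JSON that `aws ec2 describe-security-groups --group-names default --output json` returns, reporting a leftover self-referencing any/any rule (the revoke did not take effect) and any world-open port outside an allow-list. The `audit` function, the `PUBLIC_OK` allow-list and the sample document with its placeholder group ID are assumptions made for the example.

```python
import json

WORLD = {"0.0.0.0/0", "::/0"}
PUBLIC_OK = {80, 443}  # assumption: ports meant to be reachable by anyone


def audit(doc, public_ok=PUBLIC_OK):
    """Return (group_id, issue, detail) tuples for risky ingress rules."""
    findings = []
    for sg in doc.get("SecurityGroups", []):
        gid = sg["GroupId"]
        for perm in sg.get("IpPermissions", []):
            proto = perm.get("IpProtocol")
            lo, hi = perm.get("FromPort"), perm.get("ToPort")
            # Leftover any/any rule whose source is the group itself.
            if proto == "-1" and any(p.get("GroupId") == gid
                                     for p in perm.get("UserIdGroupPairs", [])):
                findings.append((gid, "self-reference", "all"))
            cidrs = {r.get("CidrIp") for r in perm.get("IpRanges", [])}
            cidrs |= {r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])}
            if not cidrs & WORLD:
                continue
            if proto == "-1" or lo is None:
                findings.append((gid, "world-open", "all"))
            elif not (lo == hi and lo in public_ok):
                findings.append((gid, "world-open", f"{proto}/{lo}-{hi}"))
    return findings


# Constructed sample (placeholder group ID): a region where the revoke call
# failed, so the self-referencing rule sits beside the three new rules.
SAMPLE = json.loads("""
{"SecurityGroups": [{"GroupId": "sg-EXAMPLE", "GroupName": "default",
 "IpPermissions": [
  {"IpProtocol": "-1", "IpRanges": [],
   "UserIdGroupPairs": [{"GroupId": "sg-EXAMPLE"}]},
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
   "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
  {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
   "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
  {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
   "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}
 ]}]}
""")

if __name__ == "__main__":
    for gid, issue, detail in audit(SAMPLE):
        print(f"{gid}: {issue} ({detail})")
```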