./aws-sg-ip-rule.sh -h
Add rule: ./aws-sg-ip-rule.sh a [-i <ipaddr/cidr>] -s <security_group_id> -f <start_in_tcp_port> -t <end_in_tcp_Port> -n <rule_name>
Update rule (only IP): ./aws-sg-ip-rule.sh u [-i <ipaddr/cidr>] -n <rule_name>
Revoke rule: ./aws-sg-ip-rule.sh r [-d (deletes the rulefile)] -n <rule_name>
./aws-sg-ip-rule.sh a -n rules/allow-xyz-to-ssh -s sg-1234abcd -f 22 -t 22
./aws-sg-ip-rule.sh a -n rules/allow-xyz-range -s sg-1234abcd -f 3300 -t 3310
The above commands allow access to the specified port(s) from your current IP.
./aws-sg-ip-rule.sh a -n rules/allow-xyz-range -i 10.0.0.0/8 -s sg-1234abcd -f 3300 -t 3310
Add rule creates a rulefile with the same name as the rule.
rule_name refers to the rulefile path.
The rulefile holds the information related to the rule.
./aws-sg-ip-rule.sh u -n rules/allow-xyz-to-ssh
Updates the rule with your new public IP.
./aws-sg-ip-rule.sh u -n rules/allow-xyz-to-ssh -i 10.0.0.0/8
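How an IP-only update maps onto AWS CLI calls, as an added example that is not the script's own code. It assumes the rulefile records the group ID, port range and previously authorized CIDR (the page does not show the rulefile format); the function names and the sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: plans (prints, does not run) the AWS CLI calls for an IP-only update.

# Normalize an -i style value: a bare IPv4 address becomes a /32.
# Runs in a subshell so the IFS change and variables stay local.
normalize_cidr() (
  case "$1" in
    */*) ip=${1%/*}; len=${1#*/} ;;
    *)   ip=$1; len=32 ;;
  esac
  # Prefix length must be 1..32 with no leading zero; /0 would open the
  # port(s) to every address, so it is refused.
  case "$len" in ''|*[!0-9]*|0*|???*) exit 1 ;; esac
  [ "$len" -le 32 ] || exit 1
  # Exactly four dot-separated decimal octets, each 0..255.
  case "$ip" in *[!0-9.]*|*..*|.*|*.) exit 1 ;; esac
  IFS=.; set -- $ip
  [ "$#" -eq 4 ] || exit 1
  for o in "$@"; do
    # Leading-zero octets are rejected: some parsers read them as octal.
    case "$o" in 0?*|????*) exit 1 ;; esac
    [ "$o" -le 255 ] || exit 1
  done
  printf '%s/%s\n' "$ip" "$len"
)

# Args: group_id from_port to_port old_cidr new_ip_or_cidr
# Revoking the old source together with authorizing the new one keeps a
# stale address from retaining access after the update.
plan_update() {
  new=$(normalize_cidr "$5") || { echo "refusing source '$5'" >&2; return 1; }
  [ "$new" != "$4" ] || return 0   # source unchanged: nothing to do
  echo "aws ec2 revoke-security-group-ingress --group-id $1 --protocol tcp --port $2-$3 --cidr $4"
  echo "aws ec2 authorize-security-group-ingress --group-id $1 --protocol tcp --port $2-$3 --cidr $new"
}

# Constructed sample: SSH rule moving from one documentation address to another.
plan_update sg-1234abcd 22 22 198.51.100.7/32 203.0.113.9
```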
./aws-sg-ip-rule.sh r -n rules/allow-xyz-to-ssh
Revokes the rule, i.e. removes access to the port(s) in allow-xyz-to-ssh from the IP in allow-xyz-to-ssh.
./aws-sg-ip-rule.sh a -n rules/allow-xyz-to-ssh
Adds back the revoked rule.
./coverfire.sh -h
Add back revoked rule(s) : ./coverfire.sh a [-i <ipaddr/cidr>] <rule_name1> <rule_name1> ...
Update rule(s) : ./coverfire.sh u [-i <ipaddr/cidr>] <rule_name1> <rule_name2> ...
Revoke rule(s) : ./coverfire.sh r [-d (deletes the rulefiles)] <rule_name1> <rule_name2> ...