When run, this script clears down an AWS EC2 Security Group and then populates it with your current public IP address, so that you can access the EC2 instance without having to add your address manually.  It is ideal for remote workers whose dynamic IP addresses keep changing.  The TCP port configuration can be changed to open whichever port you need to access, although RDP is likely to be the most common.

It works by removing all the existing entries, which means each user will need their own security group, along with their own AWS IAM account that has permission to update a security group, so that changes can be audited.

 

 

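# AWS credential creation
# Requires the AWS Tools for PowerShell module to be installed and imported.
# Run the Set-AWSCredential line once on the source machine after installing the
# AWS PowerShell SDK; it stores the key pair under the profile name "credentials".
# The key values shown here are placeholders. Once the profile has been stored,
# take the real key values out of the copy of the script that is run routinely,
# so the long-lived secret key is not left readable in the script file.
# Limit the IAM user to describing, authorizing and revoking ingress on its own
# security group, so a leaked key cannot be used to change anything else.
Set-AWSCredential -accessKey AKASECRETKEY -secretkey TRR12345678910rUf4lct -StoreAS credentials


# This runs, using the profile created by Set-AWSCredential (above).
# NOTE(review): the region is cut off as "us-east-" in the published listing;
# replace the placeholder below with the full region name of your instance.
Initialize-AWSDefaultConfiguration -ProfileName Credentials -Region "us-east-<N>"
#Set-AWSCredential -ProfileName credentials


# Get the public IP address.
# The lookup goes over HTTPS because its answer decides which address is let
# through the security group; over plain HTTP the reply could be altered in
# transit and a different address would end up being authorized.
$PublicIP = Invoke-RestMethod -Uri "https://ipinfo.io/json" | Select-Object -ExpandProperty ip

# Stop unless the service returned exactly one IPv4 address. Without this check
# a failed lookup leaves an empty value, the script carries on to revoke every
# existing rule, and then tries to grant access to the bare string "/32".
$parsedIP = $null
$isIPv4 = [System.Net.IPAddress]::TryParse([string]$PublicIP, [ref]$parsedIP) -and
          ($parsedIP.AddressFamily -eq [System.Net.Sockets.AddressFamily]::InterNetwork)
if (-not $isIPv4) {
    throw "Public IP lookup did not return an IPv4 address; the security group has not been changed."
}

# /32 restricts the rule to this single address.
$PublicIP = $parsedIP.ToString() + "/32"

# Security group giving access to all ID servers
$groupID = "sg-1453e6f85c"

# Date stamp plus initials; not referenced again in the visible part of the script.
$description = (Get-Date -Format ddMMyyyy) + " SS"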
 
function RemoveSecRules {
    # Revokes every inbound rule currently returned for the security group held
    # in the script-level $groupId variable. Takes no parameters.
    # NOTE(review): only protocol, ports and IpRanges are copied into the revoke
    # request, so a rule defined by anything other than IpRanges (presumably
    # IPv6 ranges or references to other groups) may not be matched - confirm.
    $currentRules = (Get-EC2SecurityGroup -GroupId $groupid).IpPermissions

    foreach ($rule in $currentRules) {
        # Rebuild the rule as a hashtable in the shape the revoke cmdlet is given.
        $toRevoke = @{
            ipProtocol = $rule.IpProtocol
            fromPort   = $rule.FromPort
            ToPort     = $rule.ToPort
            IpRanges   = $rule.IpRanges
        }
        Revoke-EC2SecurityGroupIngress -GroupID $groupId -IPPermissions $toRevoke
    }
}
                 
                 
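# Remove all existing rules - but only when a usable replacement address is in
# hand. If $PublicIP is not a single IPv4 address in /32 form, stop before
# anything is revoked so the group is not emptied with nothing to put back.
if ($PublicIP -notmatch '^\d{1,3}(\.\d{1,3}){3}/32$') {
    throw "No valid public IPv4 /32 address available; the security group has not been changed."
}
RemoveSecRules

# Add new rule for RDP.
# Between the revoke above and the grant below the group has no inbound rules;
# if the grant fails, access stays closed until the script is run again.

$rdp = 3389   # port number
#$sql = 1433
$ip1 = @{IpProtocol="TCP"; FromPort=$rdp; ToPort=$rdp; IPRanges=$PublicIP}
#$ip2 = @{IpProtocol="TCP"; FromPort=$sql; ToPort=$sql; IPRanges=$PublicIP}


#For multiple rules add $ip to -IPPermission params
   # Grant-EC2SecurityGroupIngress -GroupID $groupID -IPPermission @($ip1,$ip2)
Grant-EC2SecurityGroupIngress -GroupID $groupID -IPPermission @($ip1)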