Linux-Help
/
dynamic-ip
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
dynamic-ip/src/agents.d/aws-sg

64 lines
2.4 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# Internal Initialization
source "${DIP_FUNCTIONS}"
[[ -r "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_NAME}.conf" ]] && \
source "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_NAME}.conf"
[[ -r "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_EXEC}.conf" ]] && \
source "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_EXEC}.conf"
if [[ -z "$agent_aws_sg_id" ]]; then
logerr "ERROR: Need 'agent_aws_sg_id' to be defined to your Security Group ID"
exit 99
fi
if [[ -d "${DIP_BASE_DIR}/aws" ]]; then
if [[ ! -r "${DIP_BASE_DIR}/aws/config" ]]; then
logerr "ERROR: AWS config file not found: '${DIP_BASE_DIR}/aws/config'"
exit 99
elif [[ ! -r "${DIP_BASE_DIR}/aws/credentials" ]]; then
logerr "ERROR: AWS credentials file not found: '${DIP_BASE_DIR}/aws/credentials'"
exit 99
else
export AWS_CONFIG_FILE="${DIP_BASE_DIR}/aws/config"
export AWS_SHARED_CREDENTIALS_FILE="${DIP_BASE_DIR}/aws/credentials"
fi
else
logerr "ERROR: AWS config directory not found. '${DIP_BASE_DIR}/aws/' is expected to exist and contain 'config' and 'credentials' for AWS access."
exit 99
fi
if [[ -z "$DIP_CUR_IP" || -z "$DIP_OLD_IP" ]]; then
logerr "ERROR: Agent expects currentip, and existingip."
exit 98
fi
# Main
if valid_ipv4 "$DIP_CUR_IP"; then
if [[ "${DIP_CUR_IP}/32" = "${DIP_OLD_IP}/32" ]]; then
log "No changes required."
else
log "Updating Security Group IP"
aws ec2 revoke-security-group-ingress --group-id "${agent_aws_sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"IpRanges\": [{\"CidrIp\": \"${DIP_OLD_IP}/32\"}]}]"
aws ec2 authorize-security-group-ingress --group-id "${agent_aws_sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"IpRanges\": [{\"CidrIp\": \"${DIP_CUR_IP}/32\"}]}]"
fi
fi
if valid_ipv6 "$DIP_CUR_IP"; then
currentprefix=$(getIPv6Prefix "$DIP_CUR_IP")
existingprefix=$(getIPv6Prefix "$DIP_OLD_IP")
if [[ "$currentprefix" = "$existingprefix" ]]; then
log "No changes required."
else
log "Updating Security Group IPv6"
aws ec2 revoke-security-group-ingress --group-id "${agent_aws-sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${existingprefix}\"}]}]"
aws ec2 authorize-security-group-ingress --group-id "${agent_aws-sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${currentprefix}\"}]}]"
fi
fi
Reference in New Issue View Git Blame Copy Permalink