上記と組み合わせると、例えばデモの時だけ接続ポート設定が出来ます。
echoServerURLの先には、接続元IPだけを返すJSPやPHPをBeanstalkにでも載せておけばOKです。
このレスポンスがそのままセキュリティグループの許可元IP(/32)になるため、エコーサービスは自分の管理下に置き、HTTPSで公開しておくのが安全です。
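/**
 * Adds inbound TCP rules for SSH (22) and RDP (3389), limited to the caller's
 * current public IPv4 address, to the security groups of one region.
 *
 * <p>The public address is obtained from an HTTP echo service and is validated
 * before it is turned into a {@code /32} CIDR, because that value directly
 * decides who may reach the management ports.
 *
 * <p>This class only adds rules; nothing here revokes them.
 */
public class AddSSHandRDPSettings {

    /** TCP ports to open: 22 (SSH) and 3389 (RDP). */
    static final List<Integer> targetPortList = Arrays.asList(22, 3389);

    // The response body of this URL becomes the allowed source address, so it
    // should point at a service you control, served over HTTPS; a tampered
    // response would otherwise choose which address gets SSH/RDP access.
    static final String echoServerURL = "接続元IPを返すエコーサービスのURL";

    /**
     * Looks up the caller's public IP, builds one ingress permission per target
     * port, and authorizes the missing ones on each security group.
     *
     * @param args unused
     * @throws Exception on HTTP, credential-file or EC2 API failures, or when
     *         the echo service does not return a single IPv4 address
     */
    public static void main(String[] args) throws Exception {
        System.out.println("start");

        final String globalIP = fetchCallerCidr();

        final List<IpPermission> permissionList = new ArrayList<>();
        for (Integer port : targetPortList) {
            IpPermission ip = new IpPermission()
                    .withIpProtocol("tcp")
                    .withFromPort(port)
                    .withToPort(port)
                    .withIpRanges(globalIP);
            permissionList.add(ip);
            System.out.println("Permission:" + port + ":" + globalIP);
        }

        // Credentials are read from the working directory; keep this file out
        // of version control and give the key only the EC2 permissions used here.
        AWSCredentials credentials = new PropertiesCredentials(new File(
                "AwsCredentials.properties"));
        AmazonEC2Client ec2 = new AmazonEC2Client(credentials);
        ec2.setRegion(Region.getRegion(Regions.AP_NORTHEAST_1));

        // NOTE(review): describeSecurityGroups() is called without a filter, so
        // every group it returns receives the SSH/RDP rule. Restrict the call to
        // specific group ids if only some hosts should be reachable.
        DescribeSecurityGroupsResult describeSecurityGroupsResult = ec2
                .describeSecurityGroups();

        for (SecurityGroup sg : describeSecurityGroupsResult.getSecurityGroups()) {
            final List<IpPermission> sgPermissionList = sg.getIpPermissions();
            final List<IpPermission> addPermissionList = new ArrayList<>();
            for (IpPermission ip : permissionList) {
                if (!hasSamePermission(sgPermissionList, ip)) {
                    addPermissionList.add(ip);
                }
            }
            if (addPermissionList.isEmpty()) {
                continue;
            }

            // Log each rule before it is applied so the change can be audited.
            for (IpPermission addIp : addPermissionList) {
                System.out.println("Add:" + sg.getGroupId() + ":"
                        + sg.getGroupName() + ":" + addIp.getFromPort() + ":"
                        + addIp.getIpRanges());
            }
            AuthorizeSecurityGroupIngressRequest req = new AuthorizeSecurityGroupIngressRequest();
            req.setGroupId(sg.getGroupId());
            req.setIpPermissions(addPermissionList);
            ec2.authorizeSecurityGroupIngress(req);
        }
        System.out.println("success");
    }

    /**
     * Fetches the caller's public address from {@link #echoServerURL} and
     * returns it as a validated {@code a.b.c.d/32} CIDR.
     */
    private static String fetchCallerCidr() throws Exception {
        HttpClient httpClient = new DefaultHttpClient();
        try {
            HttpGet get = new HttpGet(echoServerURL);
            HttpEntity entity = httpClient.execute(get).getEntity();
            if (entity == null) {
                throw new IllegalStateException("Echo service returned no body");
            }
            return toHostCidr(EntityUtils.toString(entity));
        } finally {
            // Release the connection even when the request or validation fails.
            httpClient.getConnectionManager().shutdown();
        }
    }

    /**
     * Converts the echo service's response into a single-host CIDR.
     *
     * <p>The body is trimmed (a trailing newline is common) and must be exactly
     * one dotted-quad IPv4 address with each octet in 0-255 and no leading
     * zeros. Anything else, including an error page, a list of addresses, a
     * value that already carries a prefix length, or an IPv6 address, is
     * rejected rather than passed on to the security group.
     *
     * @throws IllegalStateException if the body is not a single IPv4 address
     */
    private static String toHostCidr(String body) {
        final String address = body == null ? "" : body.trim();
        final String[] octets = address.split("\\.", -1);
        boolean valid = octets.length == 4;
        for (int i = 0; valid && i < octets.length; i++) {
            final String octet = octets[i];
            valid = octet.matches("[0-9]{1,3}")
                    && !(octet.length() > 1 && octet.startsWith("0"))
                    && Integer.parseInt(octet) <= 255;
        }
        if (!valid) {
            throw new IllegalStateException(
                    "Echo service did not return a single IPv4 address (response length "
                            + address.length() + ")");
        }
        return address + "/32";
    }

    /**
     * Returns whether any rule in {@code targetList} already grants what
     * {@code ip} asks for.
     */
    private static boolean hasSamePermission(List<IpPermission> targetList,
            IpPermission ip) {
        for (IpPermission target : targetList) {
            if (isSamePermission(target, ip)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Returns whether existing rule {@code ipA} already grants requested rule
     * {@code ipB}: same protocol, same from/to port, and every requested range
     * present in the existing rule.
     *
     * <p>Protocol and to-port are compared so that, for example, a UDP rule on
     * the same port is not mistaken for the TCP rule. Ranges are checked with
     * containment rather than equal size, because a group's rule for a port may
     * list several source ranges; re-authorizing a range that is already listed
     * would be a duplicate.
     */
    private static boolean isSamePermission(IpPermission ipA, IpPermission ipB) {
        final String protocolA = ipA.getIpProtocol();
        final Integer fromPortA = ipA.getFromPort();
        final Integer toPortA = ipA.getToPort();
        if (protocolA == null || !protocolA.equals(ipB.getIpProtocol())) {
            return false;
        }
        if (fromPortA == null || !fromPortA.equals(ipB.getFromPort())) {
            return false;
        }
        if (toPortA == null || !toPortA.equals(ipB.getToPort())) {
            return false;
        }
        final List<String> rangeAList = ipA.getIpRanges();
        final List<String> rangeBList = ipB.getIpRanges();
        return rangeAList != null && rangeBList != null
                && rangeAList.containsAll(rangeBList);
    }
}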