The script scans for defined port number in security groups and updates the IP address. Subnet mask for the address will always be /32, meaning limited to 1 host address.
Ideally, have your own personal security group in each VPC. And that security group can be attached to the required resources.
https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html
- aws profile
- group-ids
- fixed-ips (static IP that will always be applied into security group)
- port number
Leaving group_ids or fixed_ips is blank, script to simply ignore that block of code.