We at FullStack are big on security and only allow SSH access to hosts by the IPs of our engineers.  In AWS we create a single security group (SG) to allow SSH access.  With the use VPNs, travel, and dynamic IPs it can some time be a pain to update a security group with your new IP.  So I wrote a small python script using Boto3 that removes and updates a single ingress rule based on the description value.  You just need to set the SG Id on line 5, and the value of the description on line 6 of the rule you want to update.  We use a user name for the description value as it makes it easy to tell what rule belong to who.