The backstory here is that penetration testing can cause our testing IPs and IP connections to be blocked. This technique has allowed us to regain SSH connectivity to server instances.

From the AWS or AWS GovCloud administration console, select the instance, then choose "Actions" -> "Instance settings" -> "Edit user-data". Copy the script into the text box. The next time you start the instance, the script will run.

...

_______________________________________________________________________________________

Content-Type: multipart/mixed; boundary="//"
MIME-Version: 1.0

--//
Content-Type: text/cloud-config; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="cloud-config.txt"

#cloud-config
# Run the user script on every boot, not only the first one
cloud_final_modules:
- [scripts-user, always]

--//
Content-Type: text/x-shellscript; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="userdata.txt"

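#!/bin/bash -xe
# Flush every rule in the filter table so banned source IPs can connect again
echo "flushing iptables rules to unban users"
iptables -F
# Remove the TCP wrappers deny list; -f keeps later boots from failing once the file is gone
echo "deleting hosts.deny"
rm -f /etc/hosts.deny
--//--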

This technique is also useful to script in other commands that will persist through instance restarts. If you want to remove it, stop the instance, delete the script, and restart the instance.
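
A check for reviewing what a user-data document like the one above will run at boot, as an added example that is not part of the original page: it parses the MIME parts, reports whether "[scripts-user, always]" makes the script run on every boot, and flags script lines that relax host access controls. The function name and the RISKY patterns are assumptions chosen for illustration, and the sample is constructed from the script above with some per-part headers trimmed.

```python
import email
import re

# Constructed sample modelled on the user-data above (some part headers trimmed).
SAMPLE_USER_DATA = '''Content-Type: multipart/mixed; boundary="//"
MIME-Version: 1.0

--//
Content-Type: text/cloud-config; charset="us-ascii"
Content-Disposition: attachment; filename="cloud-config.txt"

#cloud-config
cloud_final_modules:
- [scripts-user, always]

--//
Content-Type: text/x-shellscript; charset="us-ascii"
Content-Disposition: attachment; filename="userdata.txt"

#!/bin/bash -xe
iptables -F
rm -f /etc/hosts.deny
--//--
'''

# Hypothetical review list: commands that weaken host access controls.
RISKY = [r"\biptables\s+(-F|--flush)\b", r"\brm\b.*\s/etc/hosts\.deny\b"]
ALWAYS = re.compile(r"\[\s*scripts-user\s*,\s*always\s*\]")

def audit_user_data(text):
    """Return (runs_every_boot, [(filename, flagged line), ...])."""
    msg = email.message_from_string(text)
    runs_every_boot, findings = False, []
    for part in msg.walk():
        if part.is_multipart():
            continue
        body = part.get_payload()
        ctype = part.get_content_type()
        if ctype == "text/cloud-config":
            # Regex check avoids a YAML dependency; commented-out lines are ignored.
            live = [l for l in body.splitlines() if not l.lstrip().startswith("#")]
            runs_every_boot |= any(ALWAYS.search(l) for l in live)
        elif ctype == "text/x-shellscript":
            for line in body.splitlines():
                s = line.strip()
                if s and not s.startswith("#") and any(re.search(p, s) for p in RISKY):
                    findings.append((part.get_filename(), s))
    return runs_every_boot, findings
```

A result of True with a non-empty findings list means the instance drops those protections on every start until the user data is removed.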