SG access different per environment

[Nicolas G]

Hi, I have the bellow security groups that is working :

name: modify sg_default rules
      local_action:
        module: ec2_group
        region: "us-east-1"
        vpc_id: "{{ vpcid }}"
        name: "test"
        rules:
          - proto: all
            cidr_ip: "{{ office_ip }}"
          - proto: tcp
            from_port: 22
            to_port: 22
            cidr_ip: "0.0.0.0/0"

This will open ssh port to the public and all ports to the office IP . I would like to have the ssh port open to the public only in a dev environment and not always .

Any ideas how can I do that ?