Created
November 28, 2023 16:01
-
-
Save AstroTom/37637c068c74cb3b149f92f5f88ab369 to your computer and use it in GitHub Desktop.
Create AWS Security Group for FSx named "fsx-sg"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # Create AWS Security Group for FSx named "fsx-sg" | |
| # sets ports as per https://docs.aws.amazon.com/fsx/latest/WindowsGuide/limit-access-security-groups.html | |
| # | |
| # Variables - set your VPC_ID | |
| # | |
| VPC_ID="" | |
| SECURITY_GROUP_NAME=fsx-sg | |
| # Create security group | |
| SECURITY_GROUP_ID=$(aws ec2 create-security-group --group-name $SECURITY_GROUP_NAME --description "Security group for Amazon FSx" --vpc-id $VPC_ID --query 'GroupId' --output text) | |
| # Add rules | |
| declare -a TCP_PORTS=("53" "88" "464" "389" "135" "445" "636" "3268" "3269" "5985" "9389") | |
| declare -a UDP_PORTS=("53" "88" "464" "389" "123") | |
| for port in "${TCP_PORTS[@]}"; do | |
| aws ec2 authorize-security-group-ingress --group-id $SECURITY_GROUP_ID --protocol tcp --port $port --source-group $SECURITY_GROUP_ID | |
| done | |
| for port in "${UDP_PORTS[@]}"; do | |
| aws ec2 authorize-security-group-ingress --group-id $SECURITY_GROUP_ID --protocol udp --port $port --source-group $SECURITY_GROUP_ID | |
| done | |
| # Add rule for range of ephemeral ports for RPC | |
| aws ec2 authorize-security-group-ingress --group-id $SECURITY_GROUP_ID --protocol tcp --port 49152-65535 --source-group $SECURITY_GROUP_ID | |
| echo "Security group created with ID: $SECURITY_GROUP_ID" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment