Created
November 28, 2023 16:06
-
-
Save AstroTom/ffa18c61d14529c66fb49578166949e8 to your computer and use it in GitHub Desktop.
Create AWS Security Group for ZFS named "zfs-sg"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # Create AWS Security Group ZFS security group named "zfs-sg" | |
| # | |
| # sets ports as per https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/limit-access-security-groups.html | |
| # | |
| # Variables - set your VPC_ID | |
| # | |
| # | |
| # Variables - set your VPC_ID | |
| # | |
| VPC_ID="vpc-XXXXXX" | |
| SECURITY_GROUP_NAME=zfs-sg | |
| # Create security group | |
| SECURITY_GROUP_ID=$(aws ec2 create-security-group --group-name $SECURITY_GROUP_NAME --description "Security group for Amazon ZFX" --vpc-id $VPC_ID --query 'GroupId' --output text) | |
| # Add rules | |
| declare -a TCP_PORTS=("111" "2049" "20001-20003") | |
| declare -a UDP_PORTS=("111" "2049" "20001-20003") | |
| for port in "${TCP_PORTS[@]}"; do | |
| aws ec2 authorize-security-group-ingress --group-id $SECURITY_GROUP_ID --protocol tcp --port $port --source-group $SECURITY_GROUP_ID | |
| done | |
| for port in "${UDP_PORTS[@]}"; do | |
| aws ec2 authorize-security-group-ingress --group-id $SECURITY_GROUP_ID --protocol udp --port $port --source-group $SECURITY_GROUP_ID | |
| done | |
| echo "Security group created with ID: $SECURITY_GROUP_ID" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment