{
"AWSTemplateFormatVersion": "2010-09-09",
"Resources": {
"sgadmin": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "ssh from office",
"VpcId": "vpc-xxxxxxxx",
"Tags": [{"Key": "Name", "Value": "admin"}],
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "22",
"ToPort": "22",
"CidrIp": "10.11.12.13/32"
},
{
"IpProtocol": "tcp",
"FromPort": "22",
"ToPort": "22",
"CidrIp": "192.168.0.0/24"
}
],
"SecurityGroupEgress": [
{
"IpProtocol": "-1",
"CidrIp": "0.0.0.0/0"
}
]
}
},
"sgweb": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "from elb 80",
"VpcId": "vpc-xxxxxxxx",
"Tags": [{"Key": "Name", "Value": "web"}],
"SecurityGroupEgress": [
{
"IpProtocol": "-1",
"CidrIp": "0.0.0.0/0"
}
]
}
},
"sgdb": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "from web and admin",
"VpcId": "vpc-xxxxxxxx",
"Tags": [{"Key": "Name", "Value": "db"}],
"SecurityGroupEgress": [
{
"IpProtocol": "-1",
"CidrIp": "0.0.0.0/0"
}
]
}
},
"sgelb": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "80,443 from world",
"VpcId": "vpc-xxxxxxxx",
"Tags": [{"Key": "Name", "Value": "elb"}],
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "80",
"ToPort": "443",
"CidrIp": "0.0.0.0/0"
},
{
"IpProtocol": "tcp",
"FromPort": "80",
"ToPort": "80",
"CidrIp": "0.0.0.0/0"
}
],
"SecurityGroupEgress": [
{
"IpProtocol": "-1",
"CidrIp": "0.0.0.0/0"
}
]
}
},
"ingress4": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "sgweb"
},
"IpProtocol": "tcp",
"FromPort": "80",
"ToPort": "80",
"SourceSecurityGroupId": {
"Ref": "sgelb"
}
}
},
"ingress5": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "sgdb"
},
"IpProtocol": "tcp",
"FromPort": "3306",
"ToPort": "3306",
"SourceSecurityGroupId": {
"Ref": "sgelb"
}
}
},
"ingress6": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "sgdb"
},
"IpProtocol": "tcp",
"FromPort": "3306",
"ToPort": "3306",
"SourceSecurityGroupId": {
"Ref": "sgadmin"
}
}
}
},
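"Description": "Security groups for an admin / ELB / web / db tier. Review before use: the first sgelb ingress rule (FromPort 80, ToPort 443) opens the whole TCP range 80-443 to 0.0.0.0/0 rather than only ports 80 and 443, and ingress5 admits sgelb (not sgweb) to sgdb on 3306 although sgdb is described as 'from web and admin'."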
}