Skip to content

Instantly share code, notes, and snippets.

@kapilt
Created January 13, 2017 23:53
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save kapilt/d5a53ae4239cecbc4e027d192423117c to your computer and use it in GitHub Desktop.
- name: sg-fast-revert
resource: security-group
filters:
- GroupId: "sg-220123a1"
- type: diff
selector: date
selector_value: "2016/12/14 13:05Z"
actions:
- patch
- <<: *notify_action
mode:
type: cloudtrail
events:
- source: ec2.amazonaws.com
event: AuthorizeSecurityGroupIngress
ids: "requestParameters.groupId"
- source: ec2.amazonaws.com
event: CreateTags
ids: "requestParameters.resourcesSet.items[].resourceId"
- source: ec2.amazonaws.com
event: DeleteTags
ids: "requestParameters.resourcesSet.items[].resourceId"
- source: ec2.amazonaws.com
event: AuthorizeSecurityGroupEgress
ids: "requestParameters.groupId"
- source: ec2.amazonaws.com
event: RevokeSecurityGroupEgress
ids: "requestParameters.groupId"
- source: ec2.amazonaws.com
event: RevokeSecurityGroupIngress
ids: "requestParameters.groupId"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment