@nitanka
Created August 14, 2017 09:20
Ansible: Creating security group
- name: To set up internet gateway
  hosts: localhost
  tasks:
    - name: example nat group
      ec2_group:
        name: natsecuritygrp
        description: an example EC2 group
        #vpc_id: 12345
        region: eu-central-1
        # Credentials are read from the environment, not stored in the playbook
        ec2_access_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
        ec2_secret_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}"
        rules:
          - proto: tcp
            from_port: 50001
            to_port: 50008
            cidr_ip: 0.0.0.0/0
          # SSH (22) is open to any source here; narrow cidr_ip to a management range if one is known
          - proto: tcp
            from_port: 22
            to_port: 22
            cidr_ip: 0.0.0.0/0
        rules_egress:
          - proto: tcp
            from_port: 0
            to_port: 65535
            cidr_ip: 0.0.0.0/0
    - name: example private group
      ec2_group:
        name: privatesecuritygrp
        description: an example EC2 group
        #vpc_id: 12345
        region: eu-central-1
        ec2_access_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
        ec2_secret_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}"
        rules:
          # All TCP ports, one rule per individual internal host (/32 each)
          - proto: tcp
            from_port: 0
            to_port: 65535
            cidr_ip: 10.0.1.111/32
          - proto: tcp
            from_port: 0
            to_port: 65535
            cidr_ip: 10.0.1.112/32
          - proto: tcp
            from_port: 0
            to_port: 65535
            cidr_ip: 10.0.1.113/32
          - proto: tcp
            from_port: 0
            to_port: 65535
            cidr_ip: 10.0.1.114/32
          - proto: tcp
            from_port: 0
            to_port: 65535
            cidr_ip: 10.0.1.115/32
          - proto: tcp
            from_port: 0
            to_port: 65535
            cidr_ip: 10.0.1.116/32
          - proto: tcp
            from_port: 0
            to_port: 65535
            cidr_ip: 10.0.1.117/32
          - proto: tcp
            from_port: 0
            to_port: 65535
            cidr_ip: 10.0.1.118/32
          - proto: tcp
            from_port: 0
            to_port: 65535
            cidr_ip: 10.0.0.111/32
          - proto: tcp
            from_port: 0
            to_port: 65535
            cidr_ip: 10.0.0.110/32
          # SSH (22) and port 9191 are open to any source, although the group is named "private"
          - proto: tcp
            from_port: 22
            to_port: 22
            cidr_ip: 0.0.0.0/0
          - proto: tcp
            from_port: 9191
            to_port: 9191
            cidr_ip: 0.0.0.0/0
        rules_egress:
          # All protocols to any destination
          - proto: all
            cidr_ip: 0.0.0.0/0
    - name: example public group
      ec2_group:
        name: publicsecuritygrp
        description: an example EC2 group
        #vpc_id: 12345
        region: eu-central-1
        ec2_access_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
        ec2_secret_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}"
        rules:
          # HTTP (80) from any source
          - proto: tcp
            from_port: 80
            to_port: 80
            cidr_ip: 0.0.0.0/0
          # Remaining ingress is limited to individual internal hosts (/32 each)
          - proto: tcp
            from_port: 9999
            to_port: 9999
            cidr_ip: 10.0.1.111/32
          - proto: tcp
            from_port: 443
            to_port: 443
            cidr_ip: 10.0.1.112/32
          - proto: tcp
            from_port: 9999
            to_port: 9999
            cidr_ip: 10.0.1.113/32
          - proto: tcp
            from_port: 9999
            to_port: 9999
            cidr_ip: 10.0.1.114/32
          - proto: tcp
            from_port: 9999
            to_port: 9999
            cidr_ip: 10.0.1.115/32
          - proto: tcp
            from_port: 9999
            to_port: 9999
            cidr_ip: 10.0.1.116/32
          - proto: tcp
            from_port: 9999
            to_port: 9999
            cidr_ip: 10.0.1.117/32
          - proto: tcp
            from_port: 9999
            to_port: 9999
            cidr_ip: 10.0.1.118/32
        rules_egress:
          # All protocols to any destination
          - proto: all
            cidr_ip: 0.0.0.0/0