@nivleshc
Created March 12, 2019 05:07
Piece 10 of Ansibile-create-AWS-environment.yml file
# create a security group for the private subnet which allows restricted access from public subnet
- name: create a security group for servers in private subnet with only tcp 3389 incoming
  ec2_group:
    state: present
    name: sg_ansibleVPC_privatesubnet_servers
    description: security group for private subnet that allows limited access from public subnet
    vpc_id: "{{ ansibleVPC.vpc.id }}"
    region: "{{ vpc_region }}"
    rules:
      - proto: tcp
        ports: 3389
        group_name: sg_ansibleVPC_publicsubnet_jumphost
        rule_desc: allow only rdp access from public to private subnet servers
  register: sg_ansibleVPC_privatesubnet_servers

- name: display details for private subnet security group
  debug: var=sg_ansibleVPC_privatesubnet_servers
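
A follow-on task that fails the play if the registered group admits anything other than tcp 3389 from a single source security group (no CIDR-based ingress). This is an added example, not part of the original gist; it assumes the ec2_group result exposes ip_permissions in the snake-cased EC2 API shape (ip_protocol, from_port, to_port, ip_ranges, ipv6_ranges, user_id_group_pairs).

```yaml
# Added example, not from the original gist.
# Assumption: the registered ec2_group result carries ip_permissions with
# snake-cased EC2 API field names.
- name: verify private subnet security group only admits rdp from one security group
  vars:
    ingress: "{{ sg_ansibleVPC_privatesubnet_servers.ip_permissions | default([]) }}"
  assert:
    that:
      # exactly one ingress rule exists on the group
      - ingress | length == 1
      # the rule is tcp and covers port 3389 only, not a wider range
      - ingress[0].ip_protocol == 'tcp'
      - ingress[0].from_port == 3389
      - ingress[0].to_port == 3389
      # the source is a security group reference, never an IPv4 or IPv6 CIDR
      - ingress[0].ip_ranges | default([]) | length == 0
      - ingress[0].ipv6_ranges | default([]) | length == 0
      - ingress[0].user_id_group_pairs | default([]) | length == 1
    msg: "private subnet security group ingress is wider than tcp 3389 from one source security group"
```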