Cloud9 SG generator
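#!/usr/bin/ruby
# Prints a CloudFormation template (YAML) to stdout that creates security
# groups allowing inbound SSH (tcp/22) from the address ranges AWS publishes
# for one service in one region.
#
# The published feed is the only source of the CIDRs that end up in the
# ingress rules, so it is fetched, parsed and validated in full before any
# template text is written: a failed download, a malformed document or a
# malformed prefix aborts with a message on stderr instead of leaving a
# partial or attacker-influenced template on stdout.
#
# The rules are a network-level filter only; they do not replace SSH
# authentication on the instances behind them. The feed changes over time,
# so the template has to be regenerated to stay accurate.
require 'ipaddr'
require 'json'
require 'net/http'
require 'uri'

region = "us-east-1"
service = "CLOUD9"
# Number of ingress rules written into one security group before the next
# group is started.
# NOTE(review): presumably chosen to stay within the per-group inbound rule
# quota -- confirm against the quota of the target account.
rules_per_group = 50
feed_uri = URI.parse('https://ip-ranges.amazonaws.com/ip-ranges.json')

# True only for a string of the form a.b.c.d/len that IPAddr also accepts as
# an IPv4 network. Each accepted value is interpolated into the template
# inside double quotes, so anything else is rejected rather than escaped.
def ipv4_cidr?(value)
  return false unless value.is_a?(String)
  return false unless value =~ %r{\A\d{1,3}(?:\.\d{1,3}){3}/\d{1,2}\z}

  IPAddr.new(value).ipv4?
rescue ArgumentError
  # IPAddr's own error classes derive from ArgumentError.
  false
end

# Net::HTTP.get would hand back the body of an error page as if it were the
# feed; get_response lets the status be checked first.
response = Net::HTTP.get_response(feed_uri)
unless response.is_a?(Net::HTTPSuccess)
  abort "Fetching #{feed_uri} failed: HTTP #{response.code}"
end

# JSON.parse rather than JSON.load: the document comes from the network, and
# JSON.load is intended for trusted input.
begin
  feed = JSON.parse(response.body)
rescue JSON::ParserError => e
  abort "#{feed_uri} did not return valid JSON: #{e.message}"
end

prefixes = feed.is_a?(Hash) ? feed["prefixes"] : nil
abort "#{feed_uri} has no \"prefixes\" list" unless prefixes.is_a?(Array)

cidrs = prefixes.select do |entry|
  entry.is_a?(Hash) &&
    entry["region"] == region &&
    entry["service"] == service &&
    entry["ip_prefix"]
end.map { |entry| entry["ip_prefix"] }

rejected = cidrs.reject { |cidr| ipv4_cidr?(cidr) }
unless rejected.empty?
  abort "Refusing to build the template, malformed ip_prefix values: #{rejected.inspect}"
end

# Without any matching prefix the Resources and Outputs sections would be
# empty, which is not a usable template.
if cidrs.empty?
  abort "No #{service} prefixes found for #{region}; no template written"
end

puts <<EOH
---
AWSTemplateFormatVersion: '2010-09-09'
Description: Stack that creates security groups for allowing ssh from
  #{service} in the #{region} region
Parameters:
  VpcId:
    Description: The ID of the VPC where the SecurityGroup will be created
    Type: String
Resources:
EOH

group_header = <<EOH
    Type: "AWS::EC2::SecurityGroup"
    Properties:
      VpcId: !Ref VpcId
      GroupDescription: "Enable SSH access from #{service} in #{region} region"
      SecurityGroupIngress:
EOH

# The logical IDs keep the fixed "USEastCloud9" prefix whatever `region` and
# `service` are set to, so existing stacks keep their resource names.
group_count = 0
cidrs.each_slice(rules_per_group) do |group|
  puts "  USEastCloud9SecurityGroup#{group_count}:"
  puts group_header
  group.each do |cidr|
    puts <<-EOR
        - IpProtocol: "tcp"
          FromPort: "22"
          ToPort: "22"
          CidrIp: "#{cidr}"
    EOR
  end
  group_count += 1
end

puts <<EOF
# Added #{cidrs.size} entries
Outputs:
EOF

# One output per generated group so other stacks can reference the group IDs.
group_count.times do |index|
  puts <<-EOF
  UsEastCloud9SSHSG#{index}:
    Description: Security Group Allowing SSH from #{region} #{service}
    Value: !Ref USEastCloud9SecurityGroup#{index}
  EOF
end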