Generate ec2 security group programmatically

2019-02-18 17:43:03 -08:00
parent 3f14466965
commit 1e714eb6b2
4 changed files with 182 additions and 9 deletions
--- a/net/scripts/ec2-security-group-config.json
+++ b/net/scripts/ec2-security-group-config.json
@@ -0,0 +1,137 @@
+{
+    "IpPermissions": [
+        {
+            "PrefixListIds": [],
+            "FromPort": 80,
+            "IpRanges": [
+                {
+                    "CidrIp": "0.0.0.0/0",
+                    "Description": "http for block explorer"
+                }
+            ],
+            "ToPort": 80,
+            "IpProtocol": "tcp",
+            "UserIdGroupPairs": [],
+            "Ipv6Ranges": [
+                {
+                    "CidrIpv6": "::/0",
+                    "Description": "http for block explorer"
+                }
+            ]
+        },
+        {
+            "PrefixListIds": [],
+            "FromPort": 8000,
+            "IpRanges": [
+                {
+                    "Description": "fullnode UDP range",
+                    "CidrIp": "0.0.0.0/0"
+                }
+            ],
+            "ToPort": 10000,
+            "IpProtocol": "udp",
+            "UserIdGroupPairs": [],
+            "Ipv6Ranges": [
+                {
+                    "CidrIpv6": "::/0",
+                    "Description": "fullnode UDP range"
+                }
+            ]
+        },
+        {
+            "PrefixListIds": [],
+            "FromPort": 22,
+            "IpRanges": [
+                {
+                    "CidrIp": "0.0.0.0/0",
+                    "Description": "ssh"
+                }
+            ],
+            "ToPort": 22,
+            "IpProtocol": "tcp",
+            "UserIdGroupPairs": [],
+            "Ipv6Ranges": [
+                {
+                    "CidrIpv6": "::/0",
+                    "Description": "ssh"
+                }
+            ]
+        },
+        {
+            "PrefixListIds": [],
+            "FromPort": 873,
+            "IpRanges": [
+                {
+                    "Description": "rsync",
+                    "CidrIp": "0.0.0.0/0"
+                }
+            ],
+            "ToPort": 873,
+            "IpProtocol": "tcp",
+            "UserIdGroupPairs": [],
+            "Ipv6Ranges": [
+                {
+                    "CidrIpv6": "::/0",
+                    "Description": "rsync"
+                }
+            ]
+        },
+        {
+            "PrefixListIds": [],
+            "FromPort": 3001,
+            "IpRanges": [
+                {
+                    "Description": "blockexplorer API port",
+                    "CidrIp": "0.0.0.0/0"
+                }
+            ],
+            "ToPort": 3001,
+            "IpProtocol": "tcp",
+            "UserIdGroupPairs": [],
+            "Ipv6Ranges": [
+                {
+                    "CidrIpv6": "::/0",
+                    "Description": "blockexplorer API port"
+                }
+            ]
+        },
+        {
+            "PrefixListIds": [],
+            "FromPort": 8000,
+            "IpRanges": [
+                {
+                    "Description": "fullnode TCP range",
+                    "CidrIp": "0.0.0.0/0"
+                }
+            ],
+            "ToPort": 10000,
+            "IpProtocol": "tcp",
+            "UserIdGroupPairs": [],
+            "Ipv6Ranges": [
+                {
+                    "CidrIpv6": "::/0",
+                    "Description": "fullnode TCP range"
+                }
+            ]
+        },
+        {
+            "PrefixListIds": [],
+            "FromPort": 8,
+            "IpRanges": [
+                {
+                    "CidrIp": "0.0.0.0/0",
+                    "Description": "allow ping"
+                }
+            ],
+            "ToPort": -1,
+            "IpProtocol": "icmp",
+            "UserIdGroupPairs": [],
+            "Ipv6Ranges": [
+                {
+                    "CidrIpv6": "::/0",
+                    "Description": "allow ping"
+                }
+            ]
+        }
+    ]
+}