Simple Security Groups - Example

Overview

Example repository for simplifying security group management.

Requirements

  1. Python 3+
  2. AWS Account

Usage

  1. Install necessary packages

    $ pip install -r requirements.txt
  2. Add Security Group Definition to example.yml

    - id: <Logical ID for CloudFormation Resource>
      name: <GroupName>
      description: <GroupDescription>
      rules:
        ingress:
          - <Logical ID for SecurityGroupIngress Resource> | <IpProtocol>://<CIDR Block>:<Port(s)> | <Description>
  3. Execute module to print out CloudFormation Template

    $ python -m simple_sg
    Description: CloudFormation Template for dynamic Security Groups (generated by Troposphere)
    Outputs:
        TestSecurityGroup:
            Description: Test Security Group
            Value: !Ref 'TestSecurityGroup'
    Resources:
        TestSecurityGroup:
            Properties:
                GroupDescription: Test Security Group
                GroupName: Test SG
            Type: AWS::EC2::SecurityGroup
        TestSecurityGroupNetworkHttpIngress:
            Properties:
                CidrIp: 192.168.1.0/8
                Description: Allow HTTP Traffic from internal network.
                FromPort: 80
                GroupId: !Ref 'TestSecurityGroup'
                IpProtocol: tcp
                ToPort: 80
            Type: AWS::EC2::SecurityGroupIngress
        TestSecurityGroupNetworkSshIngress:
            Properties:
                CidrIp: 192.168.1.1/8
                Description: Allow SSH Traffic from internal network.
                FromPort: 22
                GroupId: !Ref 'TestSecurityGroup'
                IpProtocol: tcp
                ToPort: 22
            Type: AWS::EC2::SecurityGroupIngress
        TestSecurityGroupNetworkTcpIngress:
            Properties:
                CidrIp: 192.168.1.0/24
                Description: Allow all tcp traffic from subnet.
                FromPort: 0
                GroupId: !Ref 'TestSecurityGroup'
                IpProtocol: tcp
                ToPort: 65535
            Type: AWS::EC2::SecurityGroupIngress
        TestSecurityGroupNetworkUdpIngress:
            Properties:
                CidrIp: 192.168.1.0/24
                Description: Allow all udp traffic from subnet.
                FromPort: 0
                GroupId: !Ref 'TestSecurityGroup'
                IpProtocol: udp
                ToPort: 65535
            Type: AWS::EC2::SecurityGroupIngress
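As an added example (not the repository's own `simple_sg` code), the following parser reads the rule-line format from step 2 and emits the `Properties` of an `AWS::EC2::SecurityGroupIngress`, validating the CIDR strictly and flagging wide-open rules before they reach CloudFormation. It assumes IPv4 CIDRs, `tcp`/`udp` only, and that `<Port(s)>` is either a single port or a range written `0-65535`; the README does not spell these out. Note that the `/8` entries in the sample output above (`192.168.1.0/8`, `192.168.1.1/8`) have host bits set and would be rejected by this check.

```python
import ipaddress
import re

# Rule grammar taken from the README:  <LogicalId> | <IpProtocol>://<CIDR>:<Port(s)> | <Description>
# Assumptions (not spelled out on the page): IPv4 CIDRs only, tcp/udp only, and <Port(s)> is
# a single port ("22") or an inclusive range ("0-65535").
RULE_RE = re.compile(
    r"^(?P<id>[A-Za-z0-9]+)\s*\|\s*(?P<proto>tcp|udp)://(?P<cidr>[0-9.]+/\d+):"
    r"(?P<ports>\d+(?:-\d+)?)\s*\|\s*(?P<desc>.+)$"
)

def parse_rule(rule, group_ref):
    """Map one rule string to (LogicalId, Properties) of an AWS::EC2::SecurityGroupIngress."""
    m = RULE_RE.match(rule.strip())
    if not m:
        raise ValueError(f"rule does not match grammar: {rule!r}")
    # strict=True rejects CIDRs with host bits set (e.g. 192.168.1.0/8), which
    # describe a far larger range than the author usually intended.
    cidr = ipaddress.ip_network(m["cidr"], strict=True)
    lo, _, hi = m["ports"].partition("-")
    from_port, to_port = int(lo), int(hi or lo)
    if not 0 <= from_port <= to_port <= 65535:
        raise ValueError(f"bad port range in {rule!r}")
    props = {
        "GroupId": {"Ref": group_ref},
        "IpProtocol": m["proto"],
        "CidrIp": str(cidr),
        "FromPort": from_port,
        "ToPort": to_port,
        "Description": m["desc"].strip(),
    }
    return m["id"], props

def risky_rules(parsed):
    """Flag ingress open to any IPv4 source or spanning every port, for review before deploy."""
    findings = []
    for logical_id, p in parsed.items():
        if p["CidrIp"] == "0.0.0.0/0":
            findings.append((logical_id, "open to any source"))
        if (p["FromPort"], p["ToPort"]) == (0, 65535):
            findings.append((logical_id, "all ports"))
    return findings

# Constructed sample lines in the README's rule format (not the repo's example.yml).
SAMPLE_RULES = [
    "TestSecurityGroupNetworkSshIngress | tcp://192.168.1.0/24:22 | Allow SSH Traffic from internal network.",
    "TestSecurityGroupNetworkTcpIngress | tcp://192.168.1.0/24:0-65535 | Allow all tcp traffic from subnet.",
    "PublicHttpIngress | tcp://0.0.0.0/0:80 | Allow HTTP from anywhere.",
]
```

Build the group's rule map with `dict(parse_rule(r, "TestSecurityGroup") for r in SAMPLE_RULES)` and pass it to `risky_rules` to get the logical IDs worth a second look.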