- Ansible 2 Cloud Automation Cookbook
- Aditya Patawari Vikas Aggarwal
- 109字
- 2021-06-24 18:43:37
How to do it...
We can create a security group, using an ec2_group module, this will take the VPC ID, the region, and rules as input.
Let's create a task for a security group:
---
- name: Create EC2 Security Group
ec2_group:
name: my_first_sg
description: A sample security group webservers
vpc_id: "{{ my_first_vpc.vpc.id }}"
region: "{{ aws_region }}"
aws_secret_key: "{{ secret_key }}"
aws_access_key: "{{ access_key }}"
rules:
- proto: tcp
from_port: 80
to_port: 80
cidr_ip: 0.0.0.0/0
- proto: tcp
from_port: 22
to_port: 22
cidr_ip: "{{ vpc_cidr_block }}"
- proto: tcp
from_port: 443
to_port: 443
cidr_ip: 0.0.0.0/0
- proto: icmp
from_port: 8
to_port: -1
cidr_ip: "{{ vpc_cidr_block }}"
rules_egress:
- proto: all
cidr_ip: 0.0.0.0/0
register: my_first_sg