Skip to content

Instantly share code, notes, and snippets.

@youngsoul

youngsoul/security_group_cdk.py

Created March 7, 2022 18:41
Show Gist options
  • Save youngsoul/0910d9d2eb1af905af4826ee75666969 to your computer and use it in GitHub Desktop.
Save youngsoul/0910d9d2eb1af905af4826ee75666969 to your computer and use it in GitHub Desktop.
Download ZIP
Example of CDK for security groups
Raw
security_group_cdk.py
self.bastion_sg = ec2.SecurityGroup(self, id=f'{resources_prefix}-bastion-sg',
security_group_name=f'{resources_prefix}-cdk-bastion-sg',
vpc=self.vpc,
description=f'{resources_prefix} SG for Bastion',
allow_all_outbound=True)
self.bastion_sg.add_ingress_rule(peer=ec2.Peer.ipv4('xxx.xxx.xxx.xx/32'), # only your machine
connection=ec2.Port.tcp(22),
description='SSH Access')
self.efs_access_sg = ec2.SecurityGroup(self, id=f'{resources_prefix}-efs-access-sg',
security_group_name=f'{resources_prefix}-cdk-efs-access-sg',
vpc=self.vpc,
description=f'{resources_prefix} SG for EFS',
allow_all_outbound=False)
self.efs_access_sg.add_ingress_rule(peer=self.efs_access_sg,
connection=ec2.Port.tcp(2049),
description='EFS Access')
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment