package mainimport ( "flag" "fmt" "github.com/aws/aws-sdk-go/aws" "g

1. package main
2.  
3. import (
4.     "flag"
5.     "fmt"
6.     "github.com/aws/aws-sdk-go/aws"
7.     "github.com/aws/aws-sdk-go/aws/awserr"
8.     "github.com/aws/aws-sdk-go/aws/credentials"
9.     "github.com/aws/aws-sdk-go/aws/session"
10.     "github.com/aws/aws-sdk-go/service/ec2"
11.     "os"
12. )
13.  
14. func main() {
15.     var name, desc, vpcID string
16.     flag.StringVar(&name, "n", "", "Group Name")
17.     flag.StringVar(&desc, "d", "", "Group Description")
18.     flag.StringVar(&vpcID, "vpc", "", "VPC ID to assoc sec group")
19.     flag.Parse()
20.     if len(name) == 0 || len(desc) == 0 || len(vpcID) == 0 {
21.         flag.PrintDefaults()
22.         fmt.Println("SG name, SG desc of VPC ID not set!")
23.         os.Exit(1)
24.     }
25.     sess, err := session.NewSession(&aws.Config{
26.         Region:      aws.String("us-east-1"),
27.         Credentials: credentials.NewSharedCredentials("", "manandmachine"), // use your profile
28.     })
29.     if err != nil {
30.         fmt.Println("Error starting session! The error is")
31.         fmt.Println(err)
32.         os.Exit(1)
33.     }
34.     ec2svc := ec2.New(sess)
35.  
36.     createSG, err := ec2svc.CreateSecurityGroup(&ec2.CreateSecurityGroupInput{
37.         GroupName:   aws.String(name),
38.         Description: aws.String(desc),
39.         VpcId:       aws.String(vpcID),
40.     })
41.     if err != nil {
42.         if aerr, ok := err.(awserr.Error); ok {
43.             switch aerr.Code() {
44.             case "InvalidVpcId.NotFound":
45.                 fmt.Println("Unable to find VPC by id")
46.                 os.Exit(1)
47.             case "InvalidGroup.Duplicate":
48.                 fmt.Println("This security group already exists!")
49.                 os.Exit(1)
50.             }
51.         }
52.         fmt.Println("Unable to create security group")
53.     }
54.     fmt.Printf("Created security group %s in VPC %s.\n",
55.         aws.StringValue(createSG.GroupId), vpcID)
56.  
57.     _, err = ec2svc.AuthorizeSecurityGroupIngress(&ec2.AuthorizeSecurityGroupIngressInput{
58.         GroupName: aws.String(name),
59.         IpPermissions: []*ec2.IpPermission{
60.             (&ec2.IpPermission{}).
61.                 SetIpProtocol("tcp").
62.                 SetFromPort(22). // Here is your security group rule port. change to your own if needed
63.                 SetToPort(22).
64.                 SetIpRanges([]*ec2.IpRange{
65.                     (&ec2.IpRange{}).
66.                         SetCidrIp("0.0.0.0/0"), // change to your CIDR
67.                 }),
68.             (&ec2.IpPermission{}).
69.                 SetIpProtocol("tcp").
70.                 SetFromPort(80). // Here is your security group rule port. change to your own if needed
71.                 SetToPort(80).
72.                 SetIpRanges([]*ec2.IpRange{
73.                     (&ec2.IpRange{}).
74.                         SetCidrIp("0.0.0.0/0"), // change to your CIDR
75.                 }),
76.         },
77.     })
78. }