package main

import (
	"errors"
	"flag"
	"fmt"
	"os"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/credentials"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/ec2"
)
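// main creates an EC2 security group in the VPC named on the command line and
// then adds inbound TCP rules for ports 22 and 80 to it.
//
// Required flags: -n (group name), -d (group description), -vpc (VPC ID).
// The process exits with status 1 on a usage error, a session error, a failed
// group creation, or a failed ingress authorization.
func main() {
	// Source ranges for the two ingress rules. 0.0.0.0/0 admits every IPv4
	// source. That is common for a public web port, but it leaves SSH reachable
	// from the whole internet; set sshCIDR to the administrative network or
	// bastion range before using this against a real account.
	const (
		sshCIDR  = "0.0.0.0/0" // change to your CIDR
		httpCIDR = "0.0.0.0/0" // change to your CIDR
	)

	var name, desc, vpcID string
	flag.StringVar(&name, "n", "", "Group Name")
	flag.StringVar(&desc, "d", "", "Group Description")
	flag.StringVar(&vpcID, "vpc", "", "VPC ID to assoc sec group")
	flag.Parse()

	if name == "" || desc == "" || vpcID == "" {
		flag.PrintDefaults()
		fmt.Println("SG name, SG desc or VPC ID not set!")
		os.Exit(1)
	}

	// Region and shared-credentials profile are fixed here; the empty filename
	// selects the SDK's default shared credentials file.
	sess, err := session.NewSession(&aws.Config{
		Region:      aws.String("us-east-1"),
		Credentials: credentials.NewSharedCredentials("", "manandmachine"), // use your profile
	})
	if err != nil {
		fmt.Println("Error starting session! The error is")
		fmt.Println(err)
		os.Exit(1)
	}

	ec2svc := ec2.New(sess)

	createSG, err := ec2svc.CreateSecurityGroup(&ec2.CreateSecurityGroupInput{
		GroupName:   aws.String(name),
		Description: aws.String(desc),
		VpcId:       aws.String(vpcID),
	})
	if err != nil {
		var aerr awserr.Error
		if errors.As(err, &aerr) {
			switch aerr.Code() {
			case "InvalidVpcId.NotFound":
				fmt.Println("Unable to find VPC by id")
				os.Exit(1)
			case "InvalidGroup.Duplicate":
				fmt.Println("This security group already exists!")
				os.Exit(1)
			}
		}
		// Any other failure must stop here too: without a created group there
		// is no group ID to report and nothing to attach rules to.
		fmt.Println("Unable to create security group")
		fmt.Println(err)
		os.Exit(1)
	}

	fmt.Printf("Created security group %s in VPC %s.\n",
		aws.StringValue(createSG.GroupId), vpcID)

	// Address the group by the ID returned from creation. A group in a
	// non-default VPC cannot be selected by name in this call, and the ID also
	// guarantees the rules land on the group that was just created.
	_, err = ec2svc.AuthorizeSecurityGroupIngress(&ec2.AuthorizeSecurityGroupIngressInput{
		GroupId: createSG.GroupId,
		IpPermissions: []*ec2.IpPermission{
			(&ec2.IpPermission{}).
				SetIpProtocol("tcp").
				SetFromPort(22). // Here is your security group rule port. change to your own if needed
				SetToPort(22).
				SetIpRanges([]*ec2.IpRange{
					(&ec2.IpRange{}).SetCidrIp(sshCIDR),
				}),
			(&ec2.IpPermission{}).
				SetIpProtocol("tcp").
				SetFromPort(80). // Here is your security group rule port. change to your own if needed
				SetToPort(80).
				SetIpRanges([]*ec2.IpRange{
					(&ec2.IpRange{}).SetCidrIp(httpCIDR),
				}),
		},
	})
	if err != nil {
		// Report the failure instead of exiting 0 with a group that has no rules.
		fmt.Println("Unable to set security group ingress")
		fmt.Println(err)
		os.Exit(1)
	}
}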