Example EC2 security group policy
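The following JavaScript Object Notation (JSON) structure provides an example of a security group policy for Amazon Elastic Compute Cloud (EC2). The policy accommodates inbound network ports required by Puppet. In this example, ports 22 and 443 accept connections from any IPv4 address (0.0.0.0/0), while ports 8140, 8142, 8143, and 61613 are limited to <SUBNET-CIDR>, a placeholder that must be replaced with the CIDR block of your own subnet. Where possible, narrow the 0.0.0.0/0 ranges on ports 22 and 443 to the administrative and client networks that actually need access. The egress rule allows all protocols ("IpProtocol": "-1") to any destination.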
{
"IpPermissions": [
{
"PrefixListIds": [],
"FromPort": 22,
"IpRanges": [{"CidrIp": "0.0.0.0/0"}],
"ToPort": 22,
"IpProtocol": "tcp",
"UserIdGroupPairs": []
},
{
"PrefixListIds": [],
"FromPort": 443,
"IpRanges": [{"CidrIp": "0.0.0.0/0"}],
"ToPort": 443,
"IpProtocol": "tcp",
"UserIdGroupPairs": []
},
{
"PrefixListIds": [],
"FromPort": 8140,
"IpRanges": [{"CidrIp": "<SUBNET-CIDR>"}],
"ToPort": 8140,
"IpProtocol": "tcp",
"UserIdGroupPairs": []
},
{
"PrefixListIds": [],
"FromPort": 8142,
"IpRanges": [{"CidrIp": "<SUBNET-CIDR>"}],
"ToPort": 8142,
"IpProtocol": "tcp",
"UserIdGroupPairs": []
},
{
"PrefixListIds": [],
"FromPort": 8143,
"IpRanges": [{"CidrIp": "<SUBNET-CIDR>"}],
"ToPort": 8143,
"IpProtocol": "tcp",
"UserIdGroupPairs": []
},
{
"PrefixListIds": [],
"FromPort": 61613,
"IpRanges": [{"CidrIp": "<SUBNET-CIDR>"}],
"ToPort": 61613,
"IpProtocol": "tcp",
"UserIdGroupPairs": []
}
],
"IpPermissionsEgress": [
{
"IpProtocol": "-1",
"IpRanges": [{"CidrIp": "0.0.0.0/0"}],
"UserIdGroupPairs": [],
"PrefixListIds": []
}
]
}