CodeNow
diff --git a/‎ansible/beta-hosts/variables‎
Lines changed: 37 additions & 0 deletions b/‎ansible/beta-hosts/variables‎
Lines changed: 37 additions & 0 deletions
diff --git a/‎ansible/gamma-hosts/variables‎
Lines changed: 36 additions & 0 deletions b/‎ansible/gamma-hosts/variables‎
Lines changed: 36 additions & 0 deletions
diff --git a/‎ansible/roles/ec2/templates/sg_api.yml‎
Lines changed: 112 additions & 0 deletions b/‎ansible/roles/ec2/templates/sg_api.yml‎
Lines changed: 112 additions & 0 deletions
diff --git a/‎ansible/roles/ec2/templates/sg_bastion.yml‎
Lines changed: 37 additions & 0 deletions b/‎ansible/roles/ec2/templates/sg_bastion.yml‎
Lines changed: 37 additions & 0 deletions
diff --git a/‎ansible/roles/ec2/templates/sg_default.yml‎
Lines changed: 35 additions & 0 deletions b/‎ansible/roles/ec2/templates/sg_default.yml‎
Lines changed: 35 additions & 0 deletions
@@ -60,3 +60,40 @@ rabbit_username=o2mdLh9N9Ke2GzhoK8xsruYPhIQFN7iEL44dQJoq7OM
 registry_host=10.20.1.55
 swarm_token=d363b783f03a845a2c82b081bfe8443e
 user_content_domain=runnablecloud.com
+
+[ec2:vars]
+env=beta
+aws_custid=437258487404
+vpc_id=vpc-9e84e1fb
+security_groups:
+- sg_api
+- sg_bastion
+- default
+- sg_dock
+- sg_hipache
+- sg_mongo
+- sg_nat
+- sg_navi
+- sg_neo4j
+- sg_rabbit
+- sg_rds
+- sg_redis
+- sg_services
+- sg_userland
+- sg_web
+sg_api=sg-a6e684c2
+sg_bastion=sg-6bc8060f
+sg_default=sg-87ca04e3
+sg_dock=sg-d6e684b2
+sg_hipache=sg-1935727d
+sg_mongo=sg-13c30d77
+sg_nat=sg-4f07742b
+sg_navi=sg-8de684e9
+sg_neo4j=sg-78dd131c
+sg_rabbit=sg-42a76e26
+sg_rds=sg-a27f36c6
+sg_redis=sg-81d01ee5
+sg_services=sg-950172f1
+sg_userland=sg-5a28663e
+sg_web=sg-58da143c
+
@@ -70,3 +70,39 @@ rabbit_username=o2mdLh9N9Ke2GzhoK8xsruYPhIQFN7iEL44dQJoq7OM
 registry_host=10.4.4.82
 swarm_token=d363b783f03a845a2c82b081bfe8443e
 user_content_domain=runnable.ninja
+
+[ec2:vars]
+env=gamma
+aws_custid=437258487404
+vpc_id=vpc-c53464a0
+security_groups:
+- sg_api
+- sg_bastion
+- default
+- sg_dock
+- sg_hipache
+- sg_mongo
+- sg_nat
+- sg_navi
+- sg_neo4j
+- sg_rabbit
+- sg_rds
+- sg_redis
+- sg_services
+- sg_userland
+- sg_web
+sg_api=sg-3b0c7b5f
+sg_bastion=sg-91eb81f5
+sg_default=sg-08412b6c
+sg_dock=sg-577a0d33
+sg_hipache=sg-e70c7883
+sg_mongo=sg-977a0df3
+sg_nat=sg-b595ffd1
+sg_navi=sg-45633421
+sg_neo4j=sg-ff60179b
+sg_rabbit=sg-44b7cb201
+sg_rds=sg-081e596c
+sg_redis=sg-477b0c23
+sg_services=sg-8c6710e8
+sg_userland=sg-12ce9876
+sg_web=sg-fe8bf49a
@@ -0,0 +1,112 @@
+---
+  SecurityGroups: 
+    - 
+      IpPermissionsEgress: 
+        - 
+          IpProtocol: "-1"
+          IpRanges: 
+            - 
+              CidrIp: "0.0.0.0/0"
+          UserIdGroupPairs: []
+          PrefixListIds: []
+      Description: "{{ env }} API Security Policy"
+      Tags: 
+        - 
+          Value: "{{ env }}-api"
+          Key: "Name"
+        - 
+          Value: "api"
+          Key: "Service"
+        - 
+          Value: "{{ env }}"
+          Key: "Environment"
+      IpPermissions: 
+        - 
+          PrefixListIds: []
+          FromPort: 8400
+          IpRanges: []
+          ToPort: 8400
+          IpProtocol: "tcp"
+          UserIdGroupPairs: 
+            - 
+              UserId: "{{ aws_custid }}"
+              GroupId: "{{ sg_web }}"
+            - 
+              UserId: "{{ aws_custid }}"
+              GroupId: "{{ sg_services }}"
+            - 
+              UserId: "{{ aws_custid }}"
+              GroupId: "{{ sg_dock }}"
+        - 
+          PrefixListIds: []
+          FromPort: 32768
+          IpRanges: []
+          ToPort: 65535
+          IpProtocol: "tcp"
+          UserIdGroupPairs: 
+            - 
+              UserId: "{{ aws_custid }}"
+              GroupId: "{{ sg_hipache }}"
+        - 
+          PrefixListIds: []
+          FromPort: 22
+          IpRanges: []
+          ToPort: 22
+          IpProtocol: "tcp"
+          UserIdGroupPairs: 
+            - 
+              UserId: "{{ aws_custid }}"
+              GroupId: "{{ sg_bastion }}"
+        - 
+          PrefixListIds: []
+          FromPort: 8301
+          IpRanges: []
+          ToPort: 8302
+          IpProtocol: "udp"
+          UserIdGroupPairs: 
+            - 
+              UserId: "{{ aws_custid }}"
+              GroupId: "{{ sg_web }}"
+            - 
+              UserId: "{{ aws_custid }}"
+              GroupId: "{{ sg_services }}"
+            - 
+              UserId: "{{ aws_custid }}"
+              GroupId: "{{ sg_dock }}"
+        - 
+          PrefixListIds: []
+          FromPort: 8500
+          IpRanges: []
+          ToPort: 8500
+          IpProtocol: "tcp"
+          UserIdGroupPairs: 
+            - 
+              UserId: "{{ aws_custid }}"
+              GroupId: "{{ sg_web }}"
+            - 
+              UserId: "{{ aws_custid }}"
+              GroupId: "{{ sg_services }}"
+            - 
+              UserId: "{{ aws_custid }}"
+              GroupId: "{{ sg_dock }}"
+        - 
+          PrefixListIds: []
+          FromPort: 8300
+          IpRanges: []
+          ToPort: 8302
+          IpProtocol: "tcp"
+          UserIdGroupPairs: 
+            - 
+              UserId: "{{ aws_custid }}"
+              GroupId: "{{ sg_web }}"
+            - 
+              UserId: "{{ aws_custid }}"
+              GroupId: "{{ sg_services }}"
+            - 
+              UserId: "{{ aws_custid }}"
+              GroupId: "{{ sg_dock }}"
+      GroupName: "{{ env }}-api"
+      VpcId: "{{ vpc_id }}"
+      OwnerId: "{{ aws_custid }}"
+      GroupId: "{{ sg_api }}"
+
@@ -0,0 +1,37 @@
+---
+  SecurityGroups: 
+    - 
+      IpPermissionsEgress: 
+        - 
+          IpProtocol: "-1"
+          IpRanges: 
+            - 
+              CidrIp: "0.0.0.0/0"
+          UserIdGroupPairs: []
+          PrefixListIds: []
+      Description: "{{ env }} Bastion Security Policy"
+      Tags: 
+        - 
+          Value: "{{ env }}-bastion"
+          Key: "Name"
+        -   
+          Value: "bastion"
+          Key: "Service"
+        -   
+          Value: "{{ env }}"
+          Key: "Environment"
+      IpPermissions: 
+        - 
+          PrefixListIds: []
+          FromPort: 22
+          IpRanges: 
+            - 
+              CidrIp: "0.0.0.0/0"
+          ToPort: 22
+          IpProtocol: "tcp"
+          UserIdGroupPairs: []
+      GroupName: "{{ env }}-bastion"
+      VpcId: "{{ vpc_id }}"
+      OwnerId: "{{ aws_custid }}"
+      GroupId: "{{ sg_bastion }}"
+
@@ -0,0 +1,35 @@
+---
+  SecurityGroups: 
+    - 
+      IpPermissionsEgress: 
+        - 
+          IpProtocol: "-1"
+          IpRanges: 
+            - 
+              CidrIp: "0.0.0.0/0"
+          UserIdGroupPairs: []
+          PrefixListIds: []
+      Description: "{{ env }} Default Security Policy"
+      Tags: 
+        - 
+          Value: "{{ env }}-default"
+          Key: "Name"
+        -
+          Value: "default"
+          Key: "Service"
+        -
+          Value: "{{ ENV }}"
+          Key: "Environment"
+      IpPermissions: 
+        - 
+          IpProtocol: "-1"
+          UserIdGroupPairs: 
+            - 
+              UserId: "{{ aws_custid }}"
+              GroupId: "{{ sg_default }}"
+          PrefixListIds: []
+      GroupName: "default"
+      VpcId: "{{ vpc_id }}"
+      OwnerId: "{{ aws_custid }}"
+      GroupId: "{{ sg_default }}"
+