-
Notifications
You must be signed in to change notification settings - Fork 888
/
Copy pathsecuritygroup-disable-auto-use-existing.config
44 lines (41 loc) · 2.08 KB
/
securitygroup-disable-auto-use-existing.config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
###################################################################################################
#### This configuration file uses the configuration options in the aws:elb:loadbalancer &
#### aws:autoscaling:launchconfiguration namespaces to modify the default security groups for your environment.
#### This allows you to bypass beanstalk auto-creating a security group for you, and use your own pre-defined groups
####
#### Note that in order for this to take effect it needs to be applied during environment creation, so an application
#### version must be uploaded and used as a VersionLabel during environment creation.
####
#### See the following topic for more information about the options in this namespace:
#### http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.managing.as.html
####
#### Author: Moshe Eshel @mosheeshel
###################################################################################################
Parameters:
asg_sg_ids:
Type: CommaDelimitedList
Description: Custom (list of) Security Group(s) for Auto Scaling Group (supports a list in the "sg1,sg2,sg3", as well as single value "sg")
elb_sg_ids: # replace with your own SG (supports a list in the "sg1,sg2,sg3", as well as single value "sg"
Type: CommaDelimitedList
Description: Custom (list of) Security Group(s) for Elastic Load Balancer (supports a list in the "sg1,sg2,sg3", as well as single value "sg")
subnet_id:
Type: String
Description: Subnet id of service, required in VPC situation
Resources:
AWSEBSecurityGroup: { "CmpFn::Remove" : {} }
AWSEBAutoScalingLaunchConfiguration:
Properties:
SecurityGroups: { "Ref": "asg_sg_ids" }
AWSEBLoadBalancer:
Properties:
SecurityGroups: { "Ref": "elb_sg_ids" }
option_settings:
- namespace: "aws:elb:loadbalancer"
option_name: "SecurityGroups"
value: { "Ref": "elb_sg_ids" }
- namespace: "aws:elb:loadbalancer"
option_name: "ManagedSecurityGroup"
value: { "Ref": "elb_sg_ids" }
- namespace: "aws:ec2:vpc"
option_name: "ELBSubnets"
value: { "Ref": "subnet_id" }