AWSTemplateFormatVersion: "2010-09-09"
# MIT License
#
# Copyright (c) 2021 Qumulo, Inc.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in all
# copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
Metadata:
cfn-lint:
config:
ignore_checks:
- W9002
- W9003
- W9004
- W9006
Description: (qs-1t699rd90)
Parameters:
QSgId:
Type: String
QSgCidr2:
Type: String
QSgCidr3:
Type: String
QSgCidr4:
Type: String
Conditions:
ProvSg2: !Not
- !Equals
- !Ref QSgCidr2
- ""
ProvSg3: !Not
- !Equals
- !Ref QSgCidr3
- ""
ProvSg4: !Not
- !Equals
- !Ref QSgCidr4
- ""
Resources:
QumuloSgCIDR2Port21:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg2
Properties:
Description: 'TCP ports for FTP'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr2
IpProtocol: tcp
FromPort: 21
ToPort: 21
QumuloSgCIDR2Port22:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg2
Properties:
Description: 'TCP ports for SSH'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr2
IpProtocol: tcp
FromPort: 22
ToPort: 22
QumuloSgCIDR2Port80:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg2
Properties:
Description: 'TCP ports for HTTP'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr2
IpProtocol: tcp
FromPort: 80
ToPort: 80
QumuloSgCIDR2Port111U:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg2
Properties:
Description: 'UDP ports for SUNRPC'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr2
IpProtocol: udp
FromPort: 111
ToPort: 111
QumuloSgCIDR2Port111T:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg2
Properties:
Description: 'TCP ports for SUNRPC'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr2
IpProtocol: tcp
FromPort: 111
ToPort: 111
QumuloSgCIDR2Port443:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg2
Properties:
Description: 'TCP ports for HTTPS'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr2
IpProtocol: tcp
FromPort: 443
ToPort: 443
QumuloSgCIDR2Port445:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg2
Properties:
Description: 'TCP ports for SMB'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr2
IpProtocol: tcp
FromPort: 445
ToPort: 445
QumuloSgCIDR2Port2049U:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg2
Properties:
Description: 'UDP ports for NFS'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr2
IpProtocol: udp
FromPort: 2049
ToPort: 2049
QumuloSgCIDR2Port2049T:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg2
Properties:
Description: 'TCP ports for NFS'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr2
IpProtocol: tcp
FromPort: 2049
ToPort: 2049
QumuloSgCIDR2Port3712:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg2
Properties:
Description: 'TCP ports for Replication'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr2
IpProtocol: tcp
FromPort: 3712
ToPort: 3713
QumuloSgCIDR2Port8000:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg2
Properties:
Description: 'TCP ports for REST'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr2
IpProtocol: tcp
FromPort: 8000
ToPort: 8000
QumuloSgCIDR3Port21:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg3
Properties:
Description: 'TCP ports for FTP'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr3
IpProtocol: tcp
FromPort: 21
ToPort: 21
QumuloSgCIDR3Port22:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg3
Properties:
Description: 'TCP ports for SSH'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr3
IpProtocol: tcp
FromPort: 22
ToPort: 22
QumuloSgCIDR3Port80:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg3
Properties:
Description: 'TCP ports for HTTP'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr3
IpProtocol: tcp
FromPort: 80
ToPort: 80
QumuloSgCIDR3Port111U:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg3
Properties:
Description: 'UDP ports for SUNRPC'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr3
IpProtocol: udp
FromPort: 111
ToPort: 111
QumuloSgCIDR3Port111T:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg3
Properties:
Description: 'TCP ports for SUNRPC'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr3
IpProtocol: tcp
FromPort: 111
ToPort: 111
QumuloSgCIDR3Port443:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg3
Properties:
Description: 'TCP ports for HTTPS'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr3
IpProtocol: tcp
FromPort: 443
ToPort: 443
QumuloSgCIDR3Port445:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg3
Properties:
Description: 'TCP ports for SMB'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr3
IpProtocol: tcp
FromPort: 445
ToPort: 445
QumuloSgCIDR3Port2049U:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg3
Properties:
Description: 'UDP ports for NFS'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr3
IpProtocol: udp
FromPort: 2049
ToPort: 2049
QumuloSgCIDR3Port2049T:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg3
Properties:
Description: 'TCP ports for NFS'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr3
IpProtocol: tcp
FromPort: 2049
ToPort: 2049
QumuloSgCIDR3Port3712:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg3
Properties:
Description: 'TCP ports for Replication'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr3
IpProtocol: tcp
FromPort: 3712
ToPort: 3713
QumuloSgCIDR3Port8000:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg3
Properties:
Description: 'TCP ports for REST'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr3
IpProtocol: tcp
FromPort: 8000
ToPort: 8000
QumuloSgCIDR4Port21:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg4
Properties:
Description: 'TCP ports for FTP'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr4
IpProtocol: tcp
FromPort: 21
ToPort: 21
QumuloSgCIDR4Port22:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg4
Properties:
Description: 'TCP ports for SSH'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr4
IpProtocol: tcp
FromPort: 22
ToPort: 22
QumuloSgCIDR4Port80:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg4
Properties:
Description: 'TCP ports for HTTP'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr4
IpProtocol: tcp
FromPort: 80
ToPort: 80
QumuloSgCIDR4Port111U:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg4
Properties:
Description: 'UDP ports for SUNRPC'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr4
IpProtocol: udp
FromPort: 111
ToPort: 111
QumuloSgCIDR4Port111T:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg4
Properties:
Description: 'TCP ports for SUNRPC'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr4
IpProtocol: tcp
FromPort: 111
ToPort: 111
QumuloSgCIDR4Port443:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg4
Properties:
Description: 'TCP ports for HTTPS'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr4
IpProtocol: tcp
FromPort: 443
ToPort: 443
QumuloSgCIDR4Port445:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg4
Properties:
Description: 'TCP ports for SMB'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr4
IpProtocol: tcp
FromPort: 445
ToPort: 445
QumuloSgCIDR4Port2049U:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg4
Properties:
Description: 'UDP ports for NFS'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr4
IpProtocol: udp
FromPort: 2049
ToPort: 2049
QumuloSgCIDR4Port2049T:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg4
Properties:
Description: 'TCP ports for NFS'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr4
IpProtocol: tcp
FromPort: 2049
ToPort: 2049
QumuloSgCIDR4Port3712:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg4
Properties:
Description: 'TCP ports for Replication'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr4
IpProtocol: tcp
FromPort: 3712
ToPort: 3713
QumuloSgCIDR4Port8000:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: ProvSg4
Properties:
Description: 'TCP ports for REST'
GroupId: !Ref QSgId
CidrIp: !Ref QSgCidr4
IpProtocol: tcp
FromPort: 8000
ToPort: 8000