AWSTemplateFormatVersion: "2010-09-09" # MIT License # # Copyright (c) 2021 Qumulo, Inc. # # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the "Software"), to deal # in the Software without restriction, including without limitation the rights # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell # copies of the Software, and to permit persons to whom the Software is # furnished to do so, subject to the following conditions: # # The above copyright notice and this permission notice shall be included in all # copies or substantial portions of the Software. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. Metadata: cfn-lint: config: ignore_checks: - W9002 - W9003 - W9004 - W9006 Description: (qs-1t699rd90) Parameters: QSgId: Type: String QSgCidr2: Type: String QSgCidr3: Type: String QSgCidr4: Type: String Conditions: ProvSg2: !Not - !Equals - !Ref QSgCidr2 - "" ProvSg3: !Not - !Equals - !Ref QSgCidr3 - "" ProvSg4: !Not - !Equals - !Ref QSgCidr4 - "" Resources: QumuloSgCIDR2Port21: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg2 Properties: Description: 'TCP ports for FTP' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr2 IpProtocol: tcp FromPort: 21 ToPort: 21 QumuloSgCIDR2Port22: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg2 Properties: Description: 'TCP ports for SSH' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr2 IpProtocol: tcp FromPort: 22 ToPort: 22 QumuloSgCIDR2Port80: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg2 Properties: Description: 'TCP ports for HTTP' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr2 IpProtocol: tcp FromPort: 80 ToPort: 80 QumuloSgCIDR2Port111U: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg2 Properties: Description: 'UDP ports for SUNRPC' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr2 IpProtocol: udp FromPort: 111 ToPort: 111 QumuloSgCIDR2Port111T: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg2 Properties: Description: 'TCP ports for SUNRPC' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr2 IpProtocol: tcp FromPort: 111 ToPort: 111 QumuloSgCIDR2Port443: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg2 Properties: Description: 'TCP ports for HTTPS' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr2 IpProtocol: tcp FromPort: 443 ToPort: 443 QumuloSgCIDR2Port445: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg2 Properties: Description: 'TCP ports for SMB' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr2 IpProtocol: tcp FromPort: 445 ToPort: 445 QumuloSgCIDR2Port2049U: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg2 Properties: Description: 'UDP ports for NFS' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr2 IpProtocol: udp FromPort: 2049 ToPort: 2049 QumuloSgCIDR2Port2049T: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg2 Properties: Description: 'TCP ports for NFS' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr2 IpProtocol: tcp FromPort: 2049 ToPort: 2049 QumuloSgCIDR2Port3712: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg2 Properties: Description: 'TCP ports for Replication' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr2 IpProtocol: tcp FromPort: 3712 ToPort: 3713 QumuloSgCIDR2Port8000: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg2 Properties: Description: 'TCP ports for REST' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr2 IpProtocol: tcp FromPort: 8000 ToPort: 8000 QumuloSgCIDR3Port21: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg3 Properties: Description: 'TCP ports for FTP' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr3 IpProtocol: tcp FromPort: 21 ToPort: 21 QumuloSgCIDR3Port22: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg3 Properties: Description: 'TCP ports for SSH' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr3 IpProtocol: tcp FromPort: 22 ToPort: 22 QumuloSgCIDR3Port80: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg3 Properties: Description: 'TCP ports for HTTP' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr3 IpProtocol: tcp FromPort: 80 ToPort: 80 QumuloSgCIDR3Port111U: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg3 Properties: Description: 'UDP ports for SUNRPC' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr3 IpProtocol: udp FromPort: 111 ToPort: 111 QumuloSgCIDR3Port111T: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg3 Properties: Description: 'TCP ports for SUNRPC' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr3 IpProtocol: tcp FromPort: 111 ToPort: 111 QumuloSgCIDR3Port443: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg3 Properties: Description: 'TCP ports for HTTPS' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr3 IpProtocol: tcp FromPort: 443 ToPort: 443 QumuloSgCIDR3Port445: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg3 Properties: Description: 'TCP ports for SMB' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr3 IpProtocol: tcp FromPort: 445 ToPort: 445 QumuloSgCIDR3Port2049U: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg3 Properties: Description: 'UDP ports for NFS' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr3 IpProtocol: udp FromPort: 2049 ToPort: 2049 QumuloSgCIDR3Port2049T: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg3 Properties: Description: 'TCP ports for NFS' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr3 IpProtocol: tcp FromPort: 2049 ToPort: 2049 QumuloSgCIDR3Port3712: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg3 Properties: Description: 'TCP ports for Replication' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr3 IpProtocol: tcp FromPort: 3712 ToPort: 3713 QumuloSgCIDR3Port8000: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg3 Properties: Description: 'TCP ports for REST' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr3 IpProtocol: tcp FromPort: 8000 ToPort: 8000 QumuloSgCIDR4Port21: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg4 Properties: Description: 'TCP ports for FTP' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr4 IpProtocol: tcp FromPort: 21 ToPort: 21 QumuloSgCIDR4Port22: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg4 Properties: Description: 'TCP ports for SSH' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr4 IpProtocol: tcp FromPort: 22 ToPort: 22 QumuloSgCIDR4Port80: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg4 Properties: Description: 'TCP ports for HTTP' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr4 IpProtocol: tcp FromPort: 80 ToPort: 80 QumuloSgCIDR4Port111U: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg4 Properties: Description: 'UDP ports for SUNRPC' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr4 IpProtocol: udp FromPort: 111 ToPort: 111 QumuloSgCIDR4Port111T: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg4 Properties: Description: 'TCP ports for SUNRPC' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr4 IpProtocol: tcp FromPort: 111 ToPort: 111 QumuloSgCIDR4Port443: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg4 Properties: Description: 'TCP ports for HTTPS' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr4 IpProtocol: tcp FromPort: 443 ToPort: 443 QumuloSgCIDR4Port445: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg4 Properties: Description: 'TCP ports for SMB' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr4 IpProtocol: tcp FromPort: 445 ToPort: 445 QumuloSgCIDR4Port2049U: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg4 Properties: Description: 'UDP ports for NFS' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr4 IpProtocol: udp FromPort: 2049 ToPort: 2049 QumuloSgCIDR4Port2049T: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg4 Properties: Description: 'TCP ports for NFS' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr4 IpProtocol: tcp FromPort: 2049 ToPort: 2049 QumuloSgCIDR4Port3712: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg4 Properties: Description: 'TCP ports for Replication' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr4 IpProtocol: tcp FromPort: 3712 ToPort: 3713 QumuloSgCIDR4Port8000: Type: 'AWS::EC2::SecurityGroupIngress' Condition: ProvSg4 Properties: Description: 'TCP ports for REST' GroupId: !Ref QSgId CidrIp: !Ref QSgCidr4 IpProtocol: tcp FromPort: 8000 ToPort: 8000