AWSTemplateFormatVersion: 2010-09-09
Description: >-
  This template creates a security group with Ingress and Egress rules.
  (qs-1r2g4120u)
Parameters:
  VPCID:
    Type: 'AWS::EC2::VPC::Id'
  VPCCIDR:
    AllowedPattern: >-
      ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
    Default: 10.0.0.0/16
    Description: CIDR block for the VPC
    Type: String
Resources:
  SecurityGroup:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: Security Group allowing communication to and from Orchestrator
      GroupName: !Join 
        - '-'
        - - !Ref 'AWS::StackName'
          - UiPathRobotSecurityGroup
      Tags:
        - Key: Name
          Value: !Join 
            - '-'
            - - !Ref 'AWS::StackName'
              - SecurityGroup
      VpcId: !Ref VPCID
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: !Ref VPCCIDR
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: !Ref VPCCIDR
        - IpProtocol: tcp
          FromPort: 3389
          ToPort: 3389
          CidrIp: 0.0.0.0/0
      SecurityGroupEgress:
        - IpProtocol: '-1'
          CidrIp: 0.0.0.0/0
        - IpProtocol: '-1'
          CidrIpv6: ::/0
Outputs:
  SecurityGroup:
    Description: Security Group allowing communication to and from Orchestrator
    Value: !Ref SecurityGroup