Create a Rule for an EC2 Security Group

Updated 1 day ago by Totalcloud

Customizing the rules of a security group lets you control which traffic is allowed to reach your resources and helps keep the infrastructure safe.

There's a template already available in the web app for this use case. This workflow template helps you create a rule for a specific EC2 security group.

Please find below the information on how this template works and how you can customize it according to your needs.

How Does This Template Work?

  1. Trigger node initiates the workflow from Monday to Friday at 9am.
  2. Resource node fetches all EC2 Security Groups belonging to an AWS account and AWS region.
  3. Filter node filters out specific security groups belonging to a particular group.
  4. User Approval node sends an email to the recipient requesting to Approve or Reject the action that follows.
  5. Action node, upon detecting Approve command, authorizes security group ingress.
  6. Notification node sends an email to the concerned team(s) or stakeholder(s) about adding the SG rule.

Steps to Customize this Template

  1. Open the template
  2. Click on the 'Edit' option in the Trigger node to access the parameters input window. Add or modify the following details as per your requirement:
    1. From the drop-down menu, select the day of the week on which you want the workflow to start. Example: Monday. If you want the workflow to start every morning, select all the days of the week.
    2. From the drop-down menu, select the time of day of your choice. Example: 6:00 for 6am and 21:00 for 9pm.
    3. Click on 'Save'
  3. Click on the 'Edit' option in the Resource node to access the parameters input window. Add or modify the following details as per your requirement:
    1. Retain the AWS Service name 'EC2' entry.
    2. Retain the AWS Resource name 'Security Groups' entry.
    3. If you wish to pass only specific Group IDs and Group Names, add them in the Advanced Filters script in place of values.
    {
        /*---------- optional params ----------*/

        /*
         * (Use the keyword MAP in place of a value if you want to autofill that value from previous data)
         */

        "GroupIds": [
            "VALUE",
            "VALUE"
        ],
        "GroupNames": [
            "VALUE",
            "VALUE"
        ]
    }
    If you wish to pick only specific attributes of instances, use the Add-ons available.
    4. Click on 'Save'
  4. Click on the 'Edit' option in the Filter node to access the parameters input window. Add or modify the following details as per your requirement:
    1. For 'Resource to perform action on', select the Resource node prior to this node.
    2. Retain the Param selection
    3. Modify the Key and Value if you wish to change. To fine tune the filtering further, add more conditions.
    4. Click on 'Save'
  5. Click on the 'Edit' option in the User Approval node to access the parameters input window. Add or modify the following details as per your requirement:
    1. Enter the receiver's email or Slack account
    2. Type in the customized message you would like to be sent to the recipient.
    If you do not type in a customized message, TotalCloud will send a default email with Approve or Reject commands.
    3. Click on 'Save'
  6. Click on the 'Edit' option in the Action node to access the parameters input window. Add or modify the following details as per your requirement:
    1. For 'Resource to perform action on', select the Filter node prior to this node
    2. Retain the AWS Service name 'EC2' entry
    3. Retain the Action entry 'Authorize Security Group Ingress'
    If you wish to pass additional parameters to the node, use the Additional Parameters feature.
    4. Click on 'Save'
  7. Click on the 'Edit' option in the Notification node to access the parameters input window. Add or modify the following details as per your requirement:
    1. For 'Resource to perform action on', select the Action node prior to this node.
    2. Enter the receiver's email or Slack account
    3. Type in the customized message you would like to be sent to the recipient
    4. Click on 'Save'
    If you do not type in a customized message, TotalCloud will send a default email about the successful execution.
  8. Click on the Save icon
  9. Click on the Run icon
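
The Action node's Authorize Security Group Ingress step opens network access once the request is approved, so the approver needs to see exactly what the rule allows. The following is an added example, not TotalCloud's own code: it builds tcp/udp rule parameters named as in the EC2 AuthorizeSecurityGroupIngress API and lists the findings an approval message should carry. The admin-port set, the port-span threshold, the group ID and the CIDRs are constructed assumptions, and how the Additional Parameters field accepts these keys is not shown on this page.

```python
import ipaddress

ADMIN_PORTS = {22, 3389}   # SSH and RDP; assumed policy for this example
MAX_PORT_SPAN = 100        # assumed threshold for "too wide" a port range


def build_ingress_params(group_id, protocol, from_port, to_port, cidr, description):
    """Build a request shaped like EC2 AuthorizeSecurityGroupIngress."""
    net = ipaddress.ip_network(cidr, strict=True)  # ValueError on malformed CIDR
    if not 0 <= from_port <= to_port <= 65535:
        raise ValueError("invalid port range")
    if net.version == 4:
        ranges = {"IpRanges": [{"CidrIp": str(net), "Description": description}]}
    else:
        ranges = {"Ipv6Ranges": [{"CidrIpv6": str(net), "Description": description}]}
    permission = {"IpProtocol": protocol, "FromPort": from_port, "ToPort": to_port}
    permission.update(ranges)
    return {"GroupId": group_id, "IpPermissions": [permission]}


def review_findings(params):
    """Return the reasons an approver should question the proposed rule."""
    findings = []
    for perm in params["IpPermissions"]:
        sources = [(r["CidrIp"], r.get("Description")) for r in perm.get("IpRanges", [])]
        sources += [(r["CidrIpv6"], r.get("Description")) for r in perm.get("Ipv6Ranges", [])]
        if perm["IpProtocol"] == "-1":
            findings.append("all protocols and ports allowed")
        if perm["ToPort"] - perm["FromPort"] > MAX_PORT_SPAN:
            findings.append("port range wider than %d ports" % MAX_PORT_SPAN)
        for cidr, desc in sources:
            if ipaddress.ip_network(cidr).prefixlen == 0:
                findings.append("source %s is the whole internet" % cidr)
                exposed = [p for p in sorted(ADMIN_PORTS) if perm["FromPort"] <= p <= perm["ToPort"]]
                if exposed:
                    findings.append("admin ports reachable from anywhere")
            if not desc:
                findings.append("rule for %s has no description" % cidr)
    return findings


if __name__ == "__main__":
    # Constructed sample values: placeholder group ID and a documentation CIDR.
    ok = build_ingress_params("sg-0123456789abcdef0", "tcp", 443, 443, "203.0.113.0/24", "partner HTTPS")
    risky = build_ingress_params("sg-0123456789abcdef0", "tcp", 22, 22, "0.0.0.0/0", "")
    print(review_findings(ok))
    print(review_findings(risky))
```

An empty findings list means the rule passed these checks only; it is not a statement that the rule is appropriate for the group selected by the Filter node.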
