By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Programmatically setting Inbound rule of Security group as local IP using CloudFormation

0

Hi Team, I am trying to change the CloudFormation stack of Redshift which has security group inbound rule as 0.0.0.0/32 which is a violation of my requirement. Can I programmatically set this to my local IP( same way as we choose source as my IP in AWS console)? If yes, please help me on the steps to do so.

Topics
Management & GovernanceNetworking & Content DeliveryAnalytics
Tags
AWS CloudFormationNetworking & Content DeliveryAmazon RedshiftSecurity Group
Language
English
Hema
asked 2 years ago401 views
2 Answers
0

Yes you can specify a more granular ingress security group rule. The Redshift Cloudformation Cluster Security Group Ingress page provides the appropriate guidance on how to add that parameter to your Cloudformation template and some examples.

AWS
Allison_P
answered 2 years ago
  • Hema
    2 years ago

    Hi Allison_P, Thank you so much for the reply. I have gone through the link but every time, the user needs to hardcode whenever they run the stack. But, the requirement here is the stack automatically fetch the IP of user system i.e., Whoever runs it, it should fetch and update the value instead of hardcoding. Please guide me here if you have any other views on the approach.

0

You can create a custom AWS Cloudformation resource which would enable you to run a script, AWS Lambda function, or other automation to acquire the IP Address and store that as an output variable that the Redshift template could use in its deployment. A blog post demonstrating the use of custom Cloudformation resources is available here

AWS
Allison_P
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content