This JSON structure is an example EC2 security group policy that accommodates inbound network ports required by Puppet.

{
    "IpPermissions": [
      {
          "PrefixListIds": [],
          "FromPort": 22,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
          "ToPort": 22,
          "IpProtocol": "tcp",
          "UserIdGroupPairs": []
      },
      {
          "PrefixListIds": [],
          "FromPort": 443,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
          "ToPort": 443,
          "IpProtocol": "tcp",
          "UserIdGroupPairs": []
      },
      {
          "PrefixListIds": [],
          "FromPort": 8140,
          "IpRanges": [{"CidrIp": "<SUBNET-CIDR>"}],
          "ToPort": 8140,
          "IpProtocol": "tcp",
          "UserIdGroupPairs": []
      },
      {
          "PrefixListIds": [],
          "FromPort": 8142,
          "IpRanges": [{"CidrIp": "<SUBNET-CIDR>"}],
          "ToPort": 8142,
          "IpProtocol": "tcp",
          "UserIdGroupPairs": []
      },
      {
          "PrefixListIds": [],
          "FromPort": 8143,
          "IpRanges": [{"CidrIp": "<SUBNET-CIDR>"}],
          "ToPort": 8143,
          "IpProtocol": "tcp",
          "UserIdGroupPairs": []
      },
      {
          "PrefixListIds": [],
          "FromPort": 61613,
          "IpRanges": [{"CidrIp": "<SUBNET-CIDR>"}],
          "ToPort": 61613,
          "IpProtocol": "tcp",
          "UserIdGroupPairs": []
      }
    ],
    "IpPermissionsEgress": [
      {
          "IpProtocol": "-1",
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
          "UserIdGroupPairs": [],
          "PrefixListIds": []
      }
    ]
}
Back to top