in lambda/isolate-ec2-security-group.py [0:0]
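def create_security_sg(vpc_id):
    """Create the security-team access group in *vpc_id* and return its id.

    The group is named by the module-level ``security_team_name`` and is given
    two ingress rules, TCP 3389 (RDP) and TCP 22 (SSH), both restricted to the
    module-level ``corp_cidr``.

    Args:
        vpc_id: Id of the VPC in which the group is created.

    Returns:
        The new group's ``GroupId``, or ``None`` when creation failed. The id
        is also returned when adding the ingress rules failed; that failure is
        only logged, so the caller may receive a group with no ingress rules.
    """
    try:
        created = ec2client.create_security_group(
            Description='Security Team Security Group ',
            GroupName=security_team_name,
            VpcId=vpc_id,
        )
    except ClientError as e:
        # Creation failures are logged, not raised. A group of the same name
        # already existing in the VPC (e.g. on a re-run) would also end up
        # here -- confirm the caller copes with a None return in that case.
        logger.exception(e)
        return None

    sg_group_id = created["GroupId"]

    # NOTE(review): a security group created in a VPC starts with a default
    # allow-all egress rule, and nothing in this function removes it. If this
    # group is meant to contain an instance, confirm that egress is revoked
    # elsewhere (revoke_security_group_egress) before relying on it.

    # Responder access only: one rule per admin port, each limited to the
    # corporate range rather than 0.0.0.0/0.
    access_rules = [
        {
            'FromPort': port,
            'ToPort': port,
            'IpProtocol': 'tcp',
            'IpRanges': [
                {
                    'CidrIp': corp_cidr,
                    'Description': 'Corp Office'
                },
            ]
        }
        for port in (3389, 22)
    ]
    try:
        ec2client.authorize_security_group_ingress(
            GroupId=sg_group_id,
            IpPermissions=access_rules,
        )
    except ClientError as e:
        # Best effort: the group id is still returned so the caller can use
        # (or clean up) the group even though the rules were not applied.
        logger.exception(e)
    return sg_group_id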