---
heat_template_version: 2013-05-23
description: # call with openstack stack [update || create ] --wait --template gc_secgroups.hot SecurityGroupStack
resources:
SlurmSecGroup:
type: "OS::Neutron::SecurityGroup"
properties:
name: "heatslurmsecgroup"
rules: [ { protocol: tcp,
port_range_min: 12000,
port_range_max: 12999,
remote_mode: "remote_group_id"},
{ protocol: tcp,
port_range_min: 6817,
port_range_max: 6819,
remote_mode: "remote_group_id"},
{ protocol: tcp,
port_range_min: 1019,
port_range_max: 1019,
remote_mode: "remote_group_id"}]
NFSSecGroup:
type: "OS::Neutron::SecurityGroup"
properties:
name: "heatnfssecgroup"
rules: [ { protocol: tcp,
port_range_min: 2049,
port_range_max: 2049,
remote_mode: "remote_group_id"},
{ protocol: tcp,
port_range_min: 111,
port_range_max: 111,
remote_mode: "remote_group_id"},
{ protocol: udp,
port_range_min: 2049,
port_range_max: 2049,
remote_mode: "remote_group_id"},
{ protocol: udp,
port_range_min: 111,
port_range_max: 111,
remote_mode: "remote_group_id"} ]
LDAPSecGroup:
type: "OS::Neutron::SecurityGroup"
properties:
name: "heatldapsecgroup"
rules: [ { protocol: tcp,
port_range_min: 389,
port_range_max: 389,
remote_mode: "remote_group_id"} ]
MySQLSecGroup:
type: "OS::Neutron::SecurityGroup"
properties:
name: "heatmysqlsecgroup"
rules: [ { protocol: tcp,
port_range_min: 3306,
port_range_max: 3306,
remote_mode: "remote_group_id"} ]
PublicSSHSecGroup:
type: "OS::Neutron::SecurityGroup"
properties:
name: "SSHSecGroup"
rules: [ { protocol: tcp,
port_range_min: 22,
port_range_max: 22} ]
SSHMonashSecGroup:
type: "OS::Neutron::SecurityGroup"
properties:
name: "SSHMonashSecGroup"
rules: [ { protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 59.191.208.0/20
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 114.30.64.0/21
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 118.138.0.0/16
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 118.139.0.0/17
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 130.194.0.0/16
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 203.0.141.0/24
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 203.6.141.0/24
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 203.23.136.0/24
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 59.191.192.0/20
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 202.158.212.32/27
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 130.194.13.96/27
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 49.127.0.0/16
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 202.58.246.0/24
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 202.94.69.0/24
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 103.35.228.0/22
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 43.246.232.0/22
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 103.35.228.0/22
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 59.191.208.0/20
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 49.127.0.0/16
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 59.191.220.0/22
},
{ protocol: tcp,
port_range_min: 22,
port_range_max: 22,
direction: ingress,
remote_ip_prefix: 43.246.232.0/22
} ]
HTTPsSecGroup:
type: "OS::Neutron::SecurityGroup"
properties:
name: "HTTPsSecGroup"
rules: [ { protocol: tcp,
port_range_min: 80,
port_range_max: 80},
{ protocol: tcp,
port_range_min: 443,
port_range_max: 443} ]