Using a Lambda function to automate creating and updating a Security Group of Cloudflares IPv4 addresses.
- Schedule expression: rate(1 day)
- Enabled
- Python 2.7
key: PORTS_LIST value: 80,443
key: SECURITY_GROUP_ID value: add your security group id here
If required you can create a custom security group using the below command line:
aws ec2 create-security-group --group-name cloudflare-access --description "cloudflare IPs access" --vpc-id VPC-ID-GOES-HERE
- Role Name: cloudflare-ip-security-group-update
Required rule to allow the lambda function to edit the security group, use the content of the allow-ec2-security-group-role file
Set the Timeout to 8 seconds
If you happen to find something not to your liking, you are welcome to send a PR.
Ref.: