Amazon EC2
aws ec2 run-instances \
  --image-id ami-12345678 \
  --instance-type t3.micro \
  --user-data file://script.yaml

Configures Ubuntu Firewall (UFW) with common security rules
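#cloud-config
# Host firewall baseline for a fresh Ubuntu instance: deny inbound by default,
# allow outbound, and expose only SSH (rate limited), HTTP and HTTPS.
# "#cloud-config" must stay the very first line of the file, otherwise
# cloud-init does not treat the user data as cloud-config.
package_update: true
package_upgrade: true
packages:
- ufw
# /etc/ufw/before.rules is deliberately not edited here. The stock Ubuntu file
# already accepts loopback traffic and the ICMP types destination-unreachable,
# time-exceeded, parameter-problem and echo-request. Appending lines to it with
# write_files would place them after the file's COMMIT line, where
# iptables-restore cannot load them, and "ufw --force reset" below puts the
# packaged rule files back anyway.
runcmd:
# Reset UFW to the packaged defaults so the rule set below is the whole policy
- ufw --force reset
# Default policies: drop unsolicited inbound, allow outbound
- ufw default deny incoming
- ufw default allow outgoing
# SSH, rate limited. A separate "ufw allow ssh" is not needed: a limit rule on
# the same port replaces a plain allow, and an extra allow rule that matched
# first would defeat the rate limit.
# SSH is reachable from any source address here. To restrict it to an admin
# network, use instead (ADMIN_CIDR is a placeholder):
#   ufw limit proto tcp from ADMIN_CIDR to any port 22
# Keep the provider-level firewall / security group equally tight; UFW only
# filters traffic that has already reached the instance.
- ufw limit ssh/tcp
# Allow HTTP and HTTPS
- ufw allow http
- ufw allow https
# Enable UFW (--force skips the interactive confirmation prompt)
- ufw --force enable
# Show status; the output lands in /var/log/cloud-init-output.log and should be
# checked after first boot, since a failed runcmd step does not stop the boot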
- ufw status verbose

aws ec2 run-instances \
  --image-id ami-12345678 \
  --instance-type t3.micro \
  --user-data file://script.yaml

doctl compute droplet create \
  --image ubuntu-22-04-x64 \
  --size s-1vcpu-1gb \
  --user-data-file script.yaml \
  my-droplet

gcloud compute instances create \
  my-instance \
  --metadata-from-file \
  user-data=script.yaml