{
    "Resources": {
        "$instancePort": {
            "Properties": {
                "allowed_address_pairs": [
                    {
                        "ip_address": "$clusterIp"
                    }
                ],
                "SecurityGroups": [
                    {
                        "Ref": "MsSqlSecurityGroup"
                    }
                ]
            }
        },
        "MsSqlSecurityGroup": {
            "Type": "AWS::EC2::SecurityGroup",
            "Properties": {
                "SecurityGroupIngress": [
                    {
                        "ToPort": "4022",
                        "IpProtocol": "tcp",
                        "FromPort": "4022",
                        "CidrIp": "0.0.0.0/0"
                    },
                    {
                        "ToPort": "135",
                        "IpProtocol": "tcp",
                        "FromPort": "135",
                        "CidrIp": "0.0.0.0/0"
                    },
                    {
                        "ToPort": "1433",
                        "IpProtocol": "tcp",
                        "FromPort": "1433",
                        "CidrIp": "0.0.0.0/0"
                    },
                    {
                        "ToPort": "1434",
                        "IpProtocol": "tcp",
                        "FromPort": "1434",
                        "CidrIp": "0.0.0.0/0"
                    }
                ],
                "GroupDescription": "Enable MS SQL access"
            }
        }
    }
}