Class: DrawCloud::NetworkAclEntry

Inherits:

Base

• Object
• Base
• DrawCloud::NetworkAclEntry

Defined in:

lib/draw_cloud/network_acl_entry.rb

Instance Attribute Summary

• #action ⇒ Object

  Returns the value of attribute action.

• #cidr ⇒ Object

  Returns the value of attribute cidr.

• #direction ⇒ Object

  Returns the value of attribute direction.

• #index ⇒ Object

  Returns the value of attribute index.

• #ports ⇒ Object

  Returns the value of attribute ports.

• #protocol ⇒ Object

  Returns the value of attribute protocol.

Attributes inherited from Base

#as_groups, #as_launch_configurations, #deletion_policy, #depends_on, #ec2_instances, #elastic_ips, #gateways, #iam_access_keys, #iam_policies, #iam_users, #mappings, #metadata, #network_acls, #network_interfaces, #outputs, #parameters, #parent, #rdses, #resources, #route_tables, #security_groups, #sns_topics, #subnets, #vpcs, #wait_handles

Class Method Summary

• .entries_from_spec(action, protocol_spec, direction, cidr, ports_or_types_spec, options = {}, &block) ⇒ Object

Instance Method Summary

• #icmp? ⇒ Boolean
• #initialize(action, protocol, direction, cidr, ports_or_types, options = {}, &block) ⇒ NetworkAclEntry constructor

  A new instance of NetworkAclEntry.

• #load_into_config(config) ⇒ Object
• #outgoing? ⇒ Boolean
• #resource_name ⇒ Object
• #tcp_or_udp? ⇒ Boolean
• #to_h ⇒ Object

Methods inherited from Base

#[], #accessor, #add_standard_properties, #create_as_group, #create_as_launch_configuration, #create_ec2_instance, #create_ec2_instance_template, #create_elastic_ip, #create_iam_access_key, #create_iam_policy, #create_iam_user, #create_mapping, #create_network_acl, #create_network_interface, #create_output, #create_parameter, #create_rds, #create_route_table, #create_security_group, #create_service, #create_sns_topic, #create_subnet, #create_vpc, #create_wait_handle, #ref

Methods included from Locations

#arn_s3

Methods included from Utilities

#desplice, #fnbase64, #fngetatt, #fnjoin, #hash_to_tag_array, #region, #resource_style, #splice, #stack_name

Constructor Details

#initialize(action, protocol, direction, cidr, ports_or_types, options = {}, &block) ⇒ NetworkAclEntry

Returns a new instance of NetworkAclEntry.

# File 'lib/draw_cloud/network_acl_entry.rb', line 52

def initialize(action, protocol, direction, cidr, ports_or_types, options={}, &block)
  @action = action
  @protocol = protocol
  @direction = direction
  @cidr = cidr
  @ports_or_types = ports_or_types
  super(options, &block)
end

Instance Attribute Details

#action ⇒ Object

Returns the value of attribute action.

# File 'lib/draw_cloud/network_acl_entry.rb', line 51

def action
  @action
end

#cidr ⇒ Object

Returns the value of attribute cidr.

# File 'lib/draw_cloud/network_acl_entry.rb', line 51

def cidr
  @cidr
end

#direction ⇒ Object

Returns the value of attribute direction.

# File 'lib/draw_cloud/network_acl_entry.rb', line 51

def direction
  @direction
end

#index ⇒ Object

Returns the value of attribute index.

# File 'lib/draw_cloud/network_acl_entry.rb', line 51

def index
  @index
end

#ports ⇒ Object

Returns the value of attribute ports.

# File 'lib/draw_cloud/network_acl_entry.rb', line 51

def ports
  @ports
end

#protocol ⇒ Object

Returns the value of attribute protocol.

# File 'lib/draw_cloud/network_acl_entry.rb', line 51

def protocol
  @protocol
end

Class Method Details

.entries_from_spec(action, protocol_spec, direction, cidr, ports_or_types_spec, options = {}, &block) ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/draw_cloud/network_acl_entry.rb', line 3

def self.entries_from_spec(action, protocol_spec, direction, cidr, ports_or_types_spec, options={}, &block)
  protocol = case protocol_spec
             when :everything, :any, :all
               -1
             when :icmp
               1
             when :tcp
               6
             when :udp
               17
             when Numeric
               protocol_spec
             else
               raise ArgumentError, "Unknown protocol description #{protocol_spec.inspect}"
             end
  
  raise ArgumentError, "Unknown ACL direction #{direction.inspect}" unless direction == :ingress || direction == :egress

  cidr = "0.0.0.0/0" if :any == cidr

  pts = if -1 == protocol
          [nil]
        elsif 1 == protocol
          if :any == ports_or_types_spec
            [[-1, -1]]
          elsif :echo == ports_or_types_spec
            [[8, 0], [0, 0]]
          else
            raise ArgumentError, "Can't understand ICMP specification #{ports_or_types_spec.inspect} - maybe you need to add this code"
          end
        elsif 6 == protocol || 17 == protocol
          case ports_or_types_spec
          when Numeric
            [ports_or_types_spec]
          when Range
            [[ports_or_types_spec.min, ports_or_types_spec.max]]
          when Array
            ports_or_types_spec.collect {|p| if p.is_a?(Range) then [p.min, p.max] else [p, p] end }
          else
            raise ArgumentError, "Can't understand TCP/UDP port specification #{ports_or_types_spec.inspect} - maybe you need to add this code"
          end
        end

  pts.collect do |s|
    NetworkAclEntry.new(action, protocol, direction, cidr, ports_or_types_spec, options)
  end
end

Instance Method Details

#icmp? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/draw_cloud/network_acl_entry.rb', line 65

def icmp?
  1 == protocol
end

#load_into_config(config) ⇒ Object

# File 'lib/draw_cloud/network_acl_entry.rb', line 73

def load_into_config(config)
  config.cf_add_resource resource_name, self
  super(config)
end

#outgoing? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/draw_cloud/network_acl_entry.rb', line 61

def outgoing?
  :egress == direction
end

#resource_name ⇒ Object

# File 'lib/draw_cloud/network_acl_entry.rb', line 78

def resource_name
  DrawCloud.resource_name(network_acl) + direction.to_s.capitalize + "Rule" + index.to_s
end

#tcp_or_udp? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/draw_cloud/network_acl_entry.rb', line 69

def tcp_or_udp?
  6 == protocol || 17 == protocol
end

#to_h ⇒ Object

# File 'lib/draw_cloud/network_acl_entry.rb', line 82

def to_h
  h = {
    "Type" => "AWS::EC2::NetworkAclEntry",
    "Properties" => {
      "RuleNumber" => index,
      "Protocol" => protocol,
      "RuleAction" => case action
                      when :allow
                        "allow"
                      when :deny
                        "deny"
                      else
                        raise ArgumentError, "Unknown NetworkAclEntry action #{action.inspect}"
                      end,
      "Egress" => outgoing?,
      "CidrBlock" => cidr
    }
  }
  h["Properties"]["NetworkAclId"] = DrawCloud.ref(network_acl) if network_acl
  if icmp?
    h["Properties"]["Icmp"] = {"Type" => ports_or_types[0], "Code" => ports_or_types[1] }
  end
  if tcp_or_udp?
    h["Properties"]["PortRange"] = {"From" => ports_or_types[0], "To" => ports_or_types[1] }
  end
  add_standard_properties(h)
end