Class: PortRangeDetector::SecurityGroupsRetrieved

Inherits:
PortRangeDetectorState
Defined in:
lib/scripts/ec2/port_range_detector.rb

Overview

Security groups retrieved. Start analysing them.

Instance Attribute Summary

Attributes inherited from ScriptExecutionState

#context, #logger

Instance Method Summary

Methods inherited from PortRangeDetectorState

load_state

Methods inherited from ScriptExecutionState

#done?, #end_state, #failed?, #initialize, #register_state_change_listener, #start_state_machine, #to_s

Methods included from StateTransitionHelper

#attach_volume, #connect, #copy_distribution, #create_fs, #create_snapshot, #create_volume, #create_volume_from_snapshot, #delete_snapshot, #delete_volume, #detach_volume, #determine_file, #disconnect, #ec2_handler, #ec2_handler=, #launch_instance, #mount_fs, #register_snapshot, #remote_copy, #remote_handler, #remote_handler=, #retrieve_instances, #retrieve_security_groups, #shut_down_instance, #start_instance, #unmount_fs, #upload_file, #zip_volume

Constructor Details

This class inherits a constructor from ScriptExecutionState

Instance Method Details

#enter ⇒ Object



# File 'lib/scripts/ec2/port_range_detector.rb', line 49

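# Scans the retrieved security groups for port ranges that are reachable
# from any IPv4 address ("0.0.0.0/0") and records them in
# @context[:result][:affected_groups] as {:name, :from, :to} hashes.
#
# A permission is reported when all of the following hold:
# * it grants no access to other security groups ('groups' is nil),
# * 'fromPort' and 'toPort' differ (i.e. it is a range, not a single port),
# * at least one of its CIDR entries is "0.0.0.0/0".
#
# Every CIDR entry of a permission is inspected, not only the first one, so
# a world-open range is still found when a narrower CIDR is listed before
# it. Permissions without any CIDR entries are skipped instead of raising.
#
# NOTE(review): a permission that carries both group grants and CIDR ranges
# is skipped entirely by the 'groups' check - confirm that is intended.
#
# @return [SecurityGroupsAnalysed] the follow-up state, built from @context
def enter
  @context[:result][:affected_groups] = []
  @context[:security_groups]['securityGroupInfo']['item'].each do |group_info|
    post_message("checking group '#{group_info['groupName']}'...")
    permissions = group_info['ipPermissions']
    next if permissions.nil? || permissions['item'].nil?

    permissions['item'].each do |permission_info|
      logger.debug("permission_info = #{permission_info.inspect}")
      # ignore access rights to other groups
      next unless permission_info['groups'].nil?
      # a single port is not a range
      next if permission_info['toPort'] == permission_info['fromPort']

      ip_ranges = permission_info['ipRanges']
      cidr_items = ip_ranges.nil? ? nil : ip_ranges['item']
      next if cidr_items.nil?
      # tolerate a single entry that was not wrapped in an array
      cidr_items = [cidr_items] if cidr_items.is_a?(Hash)
      # any entry open to the world is enough, regardless of its position
      next unless cidr_items.any? { |range| range['cidrIp'] == "0.0.0.0/0" }

      @context[:result][:affected_groups] << {:name => group_info['groupName'],
        :from => permission_info['fromPort'], :to => permission_info['toPort']}
      post_message("=> found port range #{permission_info['fromPort']}-#{permission_info['toPort']}")
    end
  end
  SecurityGroupsAnalysed.new(@context)
end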