Class: PortRangeDetector::SecurityGroupsRetrieved

Inherits:
PortRangeDetectorState
Defined in:
lib/scripts/ec2/port_range_detector.rb

Overview

Security groups retrieved. Start analysing them.

Instance Attribute Summary

Attributes inherited from ScriptExecutionState

#context, #logger

Instance Method Summary

Methods inherited from PortRangeDetectorState

load_state

Methods inherited from ScriptExecutionState

#done?, #end_state, #failed?, #get_superclass_name, #initialize, #register_state_change_listener, #start_state_machine, #to_s

Methods included from StateTransitionHelper

#attach_volume, #connect, #copy_distribution, #create_fs, #create_image_from_instance, #create_labeled_fs, #create_security_group_with_rules, #create_snapshot, #create_volume, #create_volume_from_snapshot, #delete_security_group, #delete_snapshot, #delete_volume, #describe_instance, #detach_volume, #determine_file, #disable_ssh_tty, #disconnect, #ec2_handler, #ec2_handler=, #enable_ssh_tty, #get_aws_kernel_image_aki, #get_aws_region_from_endpoint, #get_partition_count, #get_partition_fs_type, #get_partition_fs_type_and_label, #get_partition_label, #get_partition_table, #get_root_device_name, #get_root_partition_fs_type, #get_root_partition_fs_type_and_label, #get_root_partition_label, #get_root_volume_id, #launch_instance, #local_decompress_and_dump_file_to_device, #local_dump_and_compress_device_to_file, #local_dump_device_to_file, #local_dump_file_to_device, #mount_fs, #mount_fs_old, #register_snapshot, #remote_copy, #remote_copy_old, #remote_handler, #remote_handler=, #retrieve_instances, #retrieve_security_groups, #set_partition_table, #shut_down_instance, #snapshot_accessible, #start_instance, #stop_instance, #unmount_fs, #upload_file, #zip_volume

Methods included from VCloudTransitionHelper

#retrieve_ip_services

Constructor Details

This class inherits a constructor from ScriptExecutionState

Instance Method Details

#enter ⇒ Object



# File 'lib/scripts/ec2/port_range_detector.rb', line 49

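# Scans every retrieved security group for ingress rules that open a
# multi-port range to any IPv4 address (0.0.0.0/0) and records each hit in
# @context[:result][:affected_groups] as {:name, :from, :to}.
#
# Rules that grant access to other security groups are skipped. A rule is
# reported once if ANY of its CIDR entries is 0.0.0.0/0 (not only the first
# entry), and rules that carry no CIDR entries are skipped instead of raising.
#
# NOTE(review): only the IPv4 'ipRanges' list is inspected; an IPv6 "any"
# rule, if the API response carries one, is not examined here.
# NOTE(review): a rule whose 'fromPort' and 'toPort' are both absent compares
# equal and is therefore skipped -- confirm whether all-protocol rules open to
# the world should be reported as well.
#
# @return [SecurityGroupsAnalysed] the follow-up state, built from @context
def enter
  @context[:result][:affected_groups] = []
  @context[:security_groups]['securityGroupInfo']['item'].each do |group_info|
    post_message("checking group '#{group_info['groupName']}'...")
    permissions = group_info['ipPermissions'] && group_info['ipPermissions']['item']
    next if permissions.nil?

    permissions.each do |permission_info|
      logger.debug("permission_info = #{permission_info.inspect}")
      next unless permission_info['groups'].nil? # ignore access rights to other groups
      # A single port (fromPort == toPort) is not a range and is out of scope.
      next if permission_info['toPort'] == permission_info['fromPort']

      # NOTE(review): assumes 'item' is an Array of CIDR hashes, as the
      # original indexing did -- confirm against the response parser.
      cidr_entries = (permission_info['ipRanges'] && permission_info['ipRanges']['item']) || []
      # Checking every entry avoids a false negative when 0.0.0.0/0 is listed
      # after a narrower CIDR in the same rule.
      next unless cidr_entries.any? { |range| range && range['cidrIp'] == "0.0.0.0/0" }

      @context[:result][:affected_groups] << {
        :name => group_info['groupName'],
        :from => permission_info['fromPort'],
        :to => permission_info['toPort']
      }
      post_message("=> found port range #{permission_info['fromPort']}-#{permission_info['toPort']}")
    end
  end
  SecurityGroupsAnalysed.new(@context)
end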