Class: Awscli::EC2::SecGroups
- Inherits:
-
Object
- Object
- Awscli::EC2::SecGroups
- Defined in:
- lib/awscli/ec2.rb
Overview
> KP
Instance Method Summary collapse
- #authorize_securitygroup(options) ⇒ Object
- #create_securitygroup(options) ⇒ Object
- #delete_securitygroup(options) ⇒ Object
-
#initialize(connection) ⇒ SecGroups
constructor
EC2-VPC: a user can have 50 security groups per VPC.
- #list_secgroups(options) ⇒ Object
- #revoke_securitygroup(options) ⇒ Object
Constructor Details
#initialize(connection) ⇒ SecGroups
EC2-VPC: a user can have 50 security groups per VPC.
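# File 'lib/awscli/ec2.rb', line 298

# Stores the compute connection that every other method in this class
# issues its security-group calls through.
#
# @param connection [Object] compute connection; the sibling methods call
#   `security_groups` and the ingress authorize/revoke requests on it
def initialize(connection)
  @conn = connection
end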
Instance Method Details
#authorize_securitygroup(options) ⇒ Object
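# File 'lib/awscli/ec2.rb', line 317

# Adds one ingress rule to a security group (applies to both EC2 and VPC
# security groups).
#
# Each rule consists of the protocol plus a CIDR range or a source group.
# For TCP/UDP the destination port or port range must also be given; for
# ICMP the type and code must be given (-1 means all types/codes).
#
# @param options [Hash] reads :group_id, :protocol_type, :start_port,
#   :end_port and :cidr
# @return [nil]
# @raise [SystemExit] via `abort` when validation fails, the group cannot
#   be found, or the API call raises Fog::Compute::AWS::Error
def authorize_securitygroup(options)
  # Anchor with \A/\z: an unanchored pattern accepts any string that merely
  # contains something id-shaped. {8,} keeps longer ids valid, which the
  # original unanchored pattern also let through.
  group_id_format = /\Asg-\S{8,}\z/
  # \A/\z instead of ^/$: in Ruby ^ and $ match at every line boundary, so a
  # multi-line value whose first line is a valid CIDR would pass validation.
  cidr_format = /\A(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(\d|[1-2]\d|3[0-2]))\z/

  abort "Expecting Security group id(s) of the form: 'sg-xxxxxx'" unless group_id_format.match?(options[:group_id].to_s)
  abort "Invalid CIDR format" unless cidr_format.match?(options[:cidr].to_s)
  # NOTE(review): the CIDR check is syntactic only. 0.0.0.0/0 passes and
  # exposes the port range to every address; callers that should not open
  # a group to the internet need their own policy check.

  sg = @conn.security_groups.get_by_id(options[:group_id])
  # Report the requested id; interpolating `sg` here would always print nil.
  abort "Cannot find Security Group with Id: #{options[:group_id]}" unless sg

  begin
    # NOTE(review): the request name was stripped from the rendered listing;
    # restored by symmetry with revoke_security_group_ingress -- confirm
    # against lib/awscli/ec2.rb.
    @conn.authorize_security_group_ingress(
      "GroupId" => options[:group_id],
      "IpProtocol" => options[:protocol_type],
      "FromPort" => options[:start_port],
      "ToPort" => options[:end_port],
      "CidrIp" => options[:cidr]
    )
    puts "Authorized rule"
  rescue Fog::Compute::AWS::Error => e
    abort "Error: #{e}"
  end
end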
#create_securitygroup(options) ⇒ Object
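# File 'lib/awscli/ec2.rb', line 359

# Creates a security group unless one with the same name already exists.
#
# @param options [Hash] passed as-is to `security_groups.create`; :name is
#   also used for the existence check and the messages
# @return [nil]
# @raise [SystemExit] via `abort` when the name is already taken or the API
#   call raises Fog::Compute::AWS::Error
def create_securitygroup(options)
  abort "Error: Security Group => #{options[:name]} already exists" if @conn.security_groups.get(options[:name])

  begin
    # The existence check above and this create are two separate calls, so
    # the create can still be refused; report that the same way the sibling
    # methods do instead of letting the exception escape as a stack trace.
    @conn.security_groups.create(options)
    puts "Created Security Group: #{options[:name]}"
  rescue Fog::Compute::AWS::Error => e
    abort "Error: #{e}"
  end
end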
#delete_securitygroup(options) ⇒ Object
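# File 'lib/awscli/ec2.rb', line 365

# Deletes the security group identified by options[:group_id].
#
# @param options [Hash] reads :group_id
# @return [nil]
# @raise [SystemExit] via `abort` when the group cannot be found or the API
#   call raises Fog::Compute::AWS::Error
def delete_securitygroup(options)
  group_id = options[:group_id]
  sg = @conn.security_groups.get_by_id(group_id)
  # Report the requested id; interpolating `sg` here would always print nil.
  abort "Error: Cannot find Security Group with Id: #{group_id}" unless sg

  begin
    sg.destroy
    puts "Deleted Security Group with id: #{group_id}"
  rescue Fog::Compute::AWS::Error => e
    abort "Error: #{e}"
  end
end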
#list_secgroups(options) ⇒ Object
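# File 'lib/awscli/ec2.rb', line 302

# Lists the account's security groups.
#
# With options[:show_ip_permissions] set, prints each group id followed by
# a YAML dump of its permissions; otherwise prints a name / id /
# description table.
#
# @param options [Hash] reads :show_ip_permissions
# @return [Object] whatever the last collection call returns
def list_secgroups(options)
  if options[:show_ip_permissions]
    # @conn.security_groups.table([:name, :group_id, :ip_permissions])
    @conn.security_groups.each do |sg|
      # NOTE(review): the attribute name was stripped from the rendered
      # listing; `ip_permissions` is restored from the commented-out table
      # call above -- confirm against lib/awscli/ec2.rb.
      ip_permissions = sg.ip_permissions.to_yaml
      Formatador.display_line("[green]#{sg.group_id}[/]")
      puts ip_permissions
      puts '================='
    end
  else
    @conn.security_groups.table([:name, :group_id, :description])
  end
end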
#revoke_securitygroup(options) ⇒ Object
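# File 'lib/awscli/ec2.rb', line 341

# Removes one ingress rule from a security group.
#
# @param options [Hash] reads :group_id, :protocol_type, :start_port,
#   :end_port and :cidr
# @return [nil]
# @raise [SystemExit] via `abort` when the id is malformed, the group
#   cannot be found, or the API call raises Fog::Compute::AWS::Error
def revoke_securitygroup(options)
  # Anchor with \A/\z: an unanchored pattern accepts any string that merely
  # contains something id-shaped. {8,} keeps longer ids valid, which the
  # original unanchored pattern also let through.
  group_id_format = /\Asg-\S{8,}\z/
  abort "Expecting Security group id(s) of the form: 'sg-xxxxxx'" unless group_id_format.match?(options[:group_id].to_s)

  sg = @conn.security_groups.get_by_id(options[:group_id])
  # Report the requested id; interpolating `sg` here would always print nil.
  abort "Cannot find Security Group with Id: #{options[:group_id]}" unless sg

  begin
    # NOTE(review): :cidr is forwarded without a local format check here;
    # a malformed value is left for the API to reject.
    response = @conn.revoke_security_group_ingress(
      "GroupId" => options[:group_id],
      "IpProtocol" => options[:protocol_type],
      "FromPort" => options[:start_port],
      "ToPort" => options[:end_port],
      "CidrIp" => options[:cidr]
    )
    puts "Revoked rule: #{response.body['return']}"
  rescue Fog::Compute::AWS::Error => e
    abort "Error: #{e}"
  end
end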