Module: Furikake::Resources::SecurityGroup

Defined in:
lib/furikake/resources/security_group.rb


Class Method Details

.encode_value(value) ⇒ Object



# File 'lib/furikake/resources/security_group.rb', line 108

# Prefixes a backslash to values that would otherwise start Markdown syntax.
#
# Only two cases are escaped: a value that is exactly "-" and a value whose
# first character is "_". Every other value is returned unchanged, so other
# Markdown-significant characters (for example "|" or "*") are not escaped here.
#
# @param value [String] text destined for a report cell
# @return [String] the escaped text, or +value+ itself when no escape applies
def encode_value(value)
  needs_escape = value == '-' || value.start_with?('_')
  return value unless needs_escape

  '\\' + value
end

.get_resources ⇒ Object



# File 'lib/furikake/resources/security_group.rb', line 29

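# Collects the rules of every security group returned by
# describe_security_groups and flattens them into table rows.
#
# Each row is
# [group id, group name, group description, from_port, protocol, peers],
# where peers is a comma-separated list of IPv4 CIDRs, IPv6 CIDRs, prefix
# lists and referenced security groups, each followed by its description.
#
# @return [Array(Array<Array>, Array<Array>)] ingress rows, then egress rows
def get_resources
  ec2 = Aws::EC2::Client.new
  params = {}
  ingresses = []
  egresses = []

  # Ingress and egress permissions are read through the same attributes, so
  # one row builder serves both directions.
  build_row = lambda do |sg, permission|
    # IPv6 CIDRs arrive in their own list. Leaving them out would render a
    # rule that only allows IPv6 peers with an empty Source/Destination cell.
    ipv6_ranges = Array(permission.ipv_6_ranges).map do |ip|
      (ip.cidr_ipv_6 || 'N/A') + ' (' + (ip.description || 'N/A') + ')'
    end
    peers = list_ip_ranges(permission.ip_ranges) +
            ipv6_ranges +
            list_ids(permission.prefix_list_ids) +
            list_group_pairs(permission.user_id_group_pairs)

    [
      sg.group_id,
      encode_value(sg.group_name),
      encode_value(sg.description || 'N/A'),
      # NOTE(review): only from_port is reported; for a rule spanning a port
      # range the upper bound (to_port) does not appear in the row.
      permission.from_port || 'N/A',
      # A protocol of '-1' is shown as 'ALL'.
      permission.ip_protocol == '-1' ? 'ALL' : permission.ip_protocol,
      peers.join(', ')
    ]
  end

  loop do
    res = ec2.describe_security_groups(params)
    res.security_groups.each do |sg|
      sg.ip_permissions.each { |permission| ingresses << build_row.call(sg, permission) }
      sg.ip_permissions_egress.each { |permission| egresses << build_row.call(sg, permission) }
    end
    # Keep paging until the response carries no continuation token.
    break if res.next_token.nil?
    params[:next_token] = res.next_token
  end

  [ingresses, egresses]
end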

.list_group_pairs(user_id_group_pairs) ⇒ Object



# File 'lib/furikake/resources/security_group.rb', line 100

# Formats referenced security groups as "<group id> (<description>)".
#
# A missing group id or description is rendered as "N/A". The description is
# concatenated as-is; no Markdown escaping is applied in this method.
#
# @param user_id_group_pairs [Enumerable] objects responding to
#   +group_id+ and +description+
# @return [Array<String>] one formatted entry per pair
def list_group_pairs(user_id_group_pairs)
  user_id_group_pairs.map do |pair|
    group = pair.group_id || 'N/A'
    note = pair.description || 'N/A'
    group + ' (' + note + ')'
  end
end

.list_ids(prefix_list_ids) ⇒ Object



# File 'lib/furikake/resources/security_group.rb', line 92

# Formats prefix list references as "<prefix list id> (<description>)".
#
# A missing id or description is rendered as "N/A". The description is
# concatenated as-is; no Markdown escaping is applied in this method.
#
# @param prefix_list_ids [Enumerable] objects responding to
#   +prefix_list_id+ and +description+
# @return [Array<String>] one formatted entry per prefix list
def list_ids(prefix_list_ids)
  prefix_list_ids.map do |entry|
    list_id = entry.prefix_list_id || 'N/A'
    note = entry.description || 'N/A'
    list_id + ' (' + note + ')'
  end
end

.list_ip_ranges(ip_ranges) ⇒ Object



# File 'lib/furikake/resources/security_group.rb', line 84

# Formats CIDR ranges as "<cidr> (<description>)".
#
# Reads +cidr_ip+ from each entry; a missing CIDR or description is rendered
# as "N/A". The description is concatenated as-is; no Markdown escaping is
# applied in this method.
#
# @param ip_ranges [Enumerable] objects responding to +cidr_ip+ and
#   +description+
# @return [Array<String>] one formatted entry per range
def list_ip_ranges(ip_ranges)
  ip_ranges.map do |range|
    cidr = range.cidr_ip || 'N/A'
    note = range.description || 'N/A'
    cidr + ' (' + note + ')'
  end
end

.report ⇒ Object



# File 'lib/furikake/resources/security_group.rb', line 4

# Renders the security group section of the document as Markdown.
#
# Rows come from get_resources and are laid out as two left-aligned tables,
# one for ingress rules and one for egress rules. The tables share their
# first five columns and differ only in the last one (Source / Destination).
#
# NOTE(review): cell text is taken from the EC2 response. Only the group name
# and group description pass through encode_value before reaching the tables.
#
# @return [String] Markdown with "Ingress" and "Egress" sub-sections
def report
  ingress_rows, egress_rows = get_resources
  shared_columns = ['ID', 'Group Name', 'Description', 'Port', 'Protocol']

  ingress_info = MarkdownTables.make_table(shared_columns + ['Source'],
                                           ingress_rows, is_rows: true, align: 'l')
  egress_info = MarkdownTables.make_table(shared_columns + ['Destination'],
                                          egress_rows, is_rows: true, align: 'l')

  <<"EOS"
### Security Group

#### Ingress

#{ingress_info}

#### Egress

#{egress_info}
EOS
end