Class: CloudProviders::SecurityGroup
- Inherits:
-
Ec2Helper
- Defined in:
- lib/cloud_providers/ec2/helpers/security_group.rb
Instance Attribute Summary
#init_opts, #name
Instance Method Summary
Methods inherited from Ec2Helper
#as, #ec2, #elb, #initialize, #pool, property, #rds
#after_initialized, #bootstrap_nodes!, #default_keypair_path, default_keypair_path, #initialize, #method_missing
Instance Method Details
#all_security_groups ⇒ Object
# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 71
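# Fetches every security group visible through +ec2.describe_security_groups+
# and converts each record into a plain hash. The result is memoized in
# @all_security_groups, so the API is queried once per instance.
#
# Each returned hash has :name, :description and :ip_permissions; every
# permission has :protocol, :from_port, :to_port and :ip_ranges (a list of
# {:cidrIp => ...} hashes).
#
# NOTE(review): only "ipRanges" is read from a permission. Grants whose source
# is another security group are not represented in the returned hashes, so
# callers that reconcile rules from this list will not see them.
#
# NOTE(review): a record whose "ipPermissions"/"ipRanges" lookup raises is
# reported as having no rules (best effort, as in the original inline rescue).
# A malformed response is therefore indistinguishable from an empty group.
def all_security_groups
  @all_security_groups ||= begin
    # Returns the "item" list stored under +key+, or [] when the key is
    # missing, empty, or the lookup itself raises. The previous fallback for
    # "ipPermissions" was an Array, which made the following ["item"] lookup
    # raise TypeError instead of yielding an empty rule list.
    items_of = lambda do |record, key|
      container = begin
        record[key]
      rescue StandardError
        nil
      end
      (container && container["item"]) || []
    end

    ec2.describe_security_groups.securityGroupInfo.item.map do |sg|
      permissions = items_of.call(sg, "ipPermissions").map do |i|
        ranges = items_of.call(i, "ipRanges").map do |ip|
          { :cidrIp => ip["cidrIp"] }
        end
        {
          :protocol => i["ipProtocol"],
          :from_port => i["fromPort"],
          :to_port => i["toPort"],
          :ip_ranges => ranges
        }
      end
      {
        :name => sg["groupName"],
        :description => sg["groupDescription"],
        :ip_permissions => permissions
      }
    end
  end
end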
#authorize(o = {}, &block) ⇒ Object
# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 56
# Declares an ingress rule for this group by queueing an Authorize object.
# The caller's options are merged with :parent and :cloud, and the optional
# block is handed to Authorize.new. As far as this method shows, the rule is
# only appended to +authorizes+; nothing is sent to EC2 here.
#
# Returns the +authorizes+ list.
def authorize(o = {}, &block)
  rule_options = o.merge(:parent => parent, :cloud => cloud)
  pending = authorizes
  pending << Authorize.new("#{name}", rule_options, &block)
end
#authorizes ⇒ Object
# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 96
# Lazily created list of the rules declared through +authorize+.
# The same array is returned on every call, so callers may append to it.
def authorizes
  @authorizes || (@authorizes = [])
end
#create_security_group! ⇒ Object
# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 62
# Asks EC2 to create a security group named after this object, with a
# description that marks it as generated by PoolParty.
# Returns whatever +ec2.create_security_group+ returns.
def create_security_group!
  generated_description = "PoolParty generated security group: #{name}"
  ec2.create_security_group(
    :group_name => name,
    :group_description => generated_description
  )
end
#revoke(o = {}, &block) ⇒ Object
# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 59
# Queues the removal of a rule from this group by appending a Revoke object.
# The caller's options are merged with :parent and :cloud, and the optional
# block is handed to Revoke.new. As far as this method shows, the entry is
# only appended to +revokes+; nothing is sent to EC2 here.
#
# Returns the +revokes+ list.
def revoke(o = {}, &block)
  rule_options = o.merge(:parent => parent, :cloud => cloud)
  pending = revokes
  pending << Revoke.new("#{name}", rule_options, &block)
end
# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 99
# Lazily created list of pending revocations queued through +revoke+.
# The same array is returned on every call, so callers may append to it.
def revokes
  @revokes || (@revokes = [])
end
# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 4
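# Reconciles the live security group with the rules declared via +authorize+:
# creates the group when no group with this name was found, queues a revoke
# for every live rule that is not declared, then runs all revokes followed by
# the declared rules that are not live yet.
#
# Security-relevant behaviour, as the code below shows:
# * Every live rule without an equal +to_hash+ among +authorizes+ is revoked,
#   so an empty +authorizes+ list revokes all live rules of the group.
# * Revokes run before authorizations, so a rule that differs in any field is
#   removed first and re-added afterwards.
# * Matching is whole-hash equality; a declared rule whose +to_hash+ differs
#   in key set or value type from the hashes built here is treated as absent
#   and is revoked and re-authorized on every run.
#
# Returns the list of rules that were authorized in this run.
def run
  create_security_group! if should_create_security_group?

  current_security_groups = security_groups.map do |group|
    group[:ip_permissions].map do |perm|
      if perm[:group_name]
        # NOTE(review): all_security_groups, as listed in this file, never sets
        # :group_name on a permission, so this branch needs another producer.
        { :group_name => perm[:group_name] }
      elsif perm[:ip_ranges].size > 1
        # One rule hash per CIDR. The earlier code called Hash#flatten here,
        # which turned each rule into a flat key/value array (breaking the
        # revoke loop below), and stored the {:cidrIp => ...} wrapper instead
        # of the CIDR string used by the single-range branch.
        perm[:ip_ranges].map do |range|
          {
            :group_name => group[:name],
            :from_port => perm[:from_port],
            :to_port => perm[:to_port],
            :cidr_ip => range[:cidrIp],
            :ip_protocol => perm[:protocol]
          }
        end
      else
        {
          :group_name => group[:name],
          :from_port => perm[:from_port],
          :to_port => perm[:to_port],
          :cidr_ip => perm[:ip_ranges].map { |c| c[:cidrIp] }.first,
          :ip_protocol => perm[:protocol]
        }
      end
    end
  end.flatten

  # Declared rules that are not live yet.
  authorizers = authorizes.reject { |a| current_security_groups.include?(a.to_hash) }

  # Live rules that are not declared are queued for revocation.
  defined_security_group_hashes = authorizes.map { |a| a.to_hash }
  current_security_groups.each do |hsh|
    next if defined_security_group_hashes.include?(hsh)
    revoke(hsh.merge(:protocol => hsh[:ip_protocol]))
  end

  revokes.each { |r| r.run }
  authorizers.each { |a| a.run }
end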
#security_groups ⇒ Object
# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 68
# Returns the entries of +all_security_groups+ whose :name equals this
# object's +name+, memoized in @security_groups after the first call.
#
# NOTE(review): matching is by group name only; if the account can hold more
# than one group with this name, all of them are returned. Confirm against
# how callers use the list.
def security_groups
  return @security_groups if @security_groups

  @security_groups = all_security_groups.select { |group| group[:name] == name }
end
#should_create_security_group? ⇒ Boolean
# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 65
# True when +security_groups+ found no existing group with this name,
# i.e. the group still has to be created.
def should_create_security_group?
  security_groups.size.zero?
end
# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 93
# String form of the security group: returns its +name+ attribute unchanged.
def to_s
  name()
end