Module: Stem::Group
- Extended by:
- Group
- Includes:
- Util
- Included in:
- Group
- Defined in:
- lib/stem/group.rb
Instance Method Summary
Methods included from Util
#get_filter_opts, #swirl, #tags_to_filter
Instance Method Details
#auth(name, rules) ⇒ Object
# File 'lib/stem/group.rb', line 53
# Sends one AuthorizeSecurityGroupIngress request that carries every rule
# in +rules+ for the security group +name+.
#
# Each rule string is expanded by gen_authorize into "IpPermissions.N.*"
# request parameters, where N is the rule's 1-based position in +rules+.
# All rules travel in a single call, so one unparsable rule raises before
# anything is sent.
#
# @param name [String] group name, sent as "GroupName"
# @param rules [Enumerable<String>] rule strings understood by gen_authorize
# @return [Object] whatever swirl.call returns
# @raise [RuntimeError] propagated from gen_authorize for a rule it rejects
def auth(name, rules)
  request = { "GroupName" => name }
  rules.each_with_index do |rule, offset|
    # Permission entries are numbered from 1, not 0.
    request = request.merge(gen_authorize(offset + 1, rule))
  end
  swirl.call "AuthorizeSecurityGroupIngress", request
end
#create(name, rules = nil) ⇒ Object
# File 'lib/stem/group.rb', line 25
# Non-raising wrapper around create!: reports whether the group was created.
#
# Returns false only when the request is rejected with an "already exists"
# message; every other Swirl::InvalidRequest is re-raised. The decision is
# made by matching the error message text, so it depends on that wording.
#
# NOTE(review): a false return presumably means create! failed at its
# CreateSecurityGroup call, in which case +rules+ were never authorized and
# the existing group keeps whatever ingress rules it already had. Callers
# that need the requested rules in place should not treat false as success.
#
# @param name [String] security group name
# @param rules [Enumerable<String>, nil] optional ingress rules, passed to create!
# @return [Boolean] true when create! completed, false when the group already existed
# @raise [Swirl::InvalidRequest] for any other rejected request
def create(name, rules = nil)
  begin
    create!(name, rules)
  rescue Swirl::InvalidRequest => e
    already_present = e.message =~ /The security group '\S+' already exists/
    raise e unless already_present
    return false
  end
  true
end
#create!(name, rules = nil) ⇒ Object
# File 'lib/stem/group.rb', line 33
# Creates the security group +name+ and, when +rules+ is given, authorizes
# those ingress rules on it.
#
# The group description is "%%" followed by the JSON form of an empty hash.
# Creation and authorization are two separate requests: if auth raises, the
# group has already been created and is left without the requested rules.
#
# @param name [String] security group name
# @param rules [Enumerable<String>, nil] rule strings for auth; skipped when nil/false
# @return [Object, nil] the result of auth, or nil when no rules were given
def create!(name, rules = nil)
  metadata = {}
  swirl.call "CreateSecurityGroup",
             "GroupName" => name,
             "GroupDescription" => "%%" + metadata.to_json
  return unless rules

  auth(name, rules)
end
#destroy(name) ⇒ Object
# File 'lib/stem/group.rb', line 39
# Non-raising wrapper around destroy!: reports whether the delete succeeded.
#
# Any Swirl::InvalidRequest is swallowed: its class, message and backtrace
# are printed to standard output and false is returned. Unlike create and
# get, the error message is not inspected, so false does not tell the
# caller why the delete was refused; the group and its ingress rules may
# still exist afterwards.
#
# @param name [String] security group name
# @return [Boolean] true when destroy! completed, false on Swirl::InvalidRequest
def destroy(name)
  destroy!(name)
rescue Swirl::InvalidRequest => e
  puts "===> #{e.class}"
  puts "===> #{e.message}"
  puts e.backtrace.join("\n")
  false
else
  true
end
#destroy!(name) ⇒ Object
# File 'lib/stem/group.rb', line 49
# Issues a DeleteSecurityGroup request for the group +name+.
#
# Errors from swirl.call are not handled here and propagate to the caller.
#
# @param name [String] security group name, sent as "GroupName"
# @return [Object] whatever swirl.call returns
def destroy!(name)
  swirl.call("DeleteSecurityGroup", "GroupName" => name)
end
#gen_authorize(index, rule) ⇒ Object
# File 'lib/stem/group.rb', line 91
# Expands one rule string into the "IpPermissions.<index>.*" parameters of
# an ingress authorization request.
#
# Two rule shapes are recognised:
# * "icmp://TARGET"             - protocol icmp, FromPort and ToPort sent as "-1"
# * "tcp://TARGET:PORTS" (or udp) - TARGET goes to gen_authorize_target,
#   PORTS to gen_authorize_ports
#
# NOTE(review): neither pattern is anchored, so any text in front of the
# scheme is ignored (a rule such as "xtcp://..." is parsed as tcp), and the
# greedy "(.*):(.*)" splits target from ports at the last colon. Anchoring
# would change which inputs are accepted, so it is only flagged here.
#
# @param index [Integer] 1-based position of the rule within the request
# @param rule [String] rule string in one of the shapes above
# @return [Hash{String => String}] request parameters for this rule
# @raise [RuntimeError] "bad rule: ..." when the rule matches neither shape
def gen_authorize(index, rule)
  if rule =~ /icmp:\/\/(.+)/
    icmp_target = Regexp.last_match(1)
    icmp_params = {
      "IpPermissions.#{index}.IpProtocol" => "icmp",
      "IpPermissions.#{index}.FromPort" => "-1",
      "IpPermissions.#{index}.ToPort" => "-1"
    }
    return icmp_params.merge(gen_authorize_target(index, icmp_target))
  end

  raise "bad rule: #{rule}" unless rule =~ /(tcp|udp):\/\/(.*):(.*)/

  protocol, target, ports = Regexp.last_match.captures
  with_target = { "IpPermissions.#{index}.IpProtocol" => protocol }
                .merge(gen_authorize_target(index, target))
  with_target.merge(gen_authorize_ports(index, ports))
end
#gen_authorize_ports(index, ports) ⇒ Object
# File 'lib/stem/group.rb', line 76
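# Translates the port part of a rule into the FromPort/ToPort parameters of
# permission entry +index+.
#
# Accepted forms:
# * "N-M" - FromPort N, ToPort M
# * "N"   - FromPort and ToPort both N
# * ""    - FromPort "0", ToPort "65535", i.e. every port; a rule written
#           with nothing after the colon opens the full range
#
# The patterns are anchored with \A and \z rather than ^ and $, so the whole
# string must be a port specification. With line anchors a multi-line value
# such as "22\n23" matched on its first line and the rest was silently
# dropped. Port values are passed through as strings and are not
# range-checked here (numbers above 65535 or N greater than M are accepted).
#
# @param index [Integer] 1-based position of the rule within the request
# @param ports [String] port specification in one of the forms above
# @return [Hash{String => String}] the FromPort and ToPort parameters
# @raise [RuntimeError] "bad ports: ..." for any other value
def gen_authorize_ports(index, ports)
  from_port, to_port =
    case ports
    when /\A(\d+)-(\d+)\z/ then [Regexp.last_match(1), Regexp.last_match(2)]
    when /\A(\d+)\z/ then [Regexp.last_match(1), Regexp.last_match(1)]
    when "" then %w[0 65535]
    else
      # The original interpolated an undefined local (`rule`), which turned
      # every rejection into a NameError instead of this message.
      raise "bad ports: #{ports}"
    end

  { "IpPermissions.#{index}.FromPort" => from_port,
    "IpPermissions.#{index}.ToPort" => to_port }
end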
#gen_authorize_target(index, target) ⇒ Object
# File 'lib/stem/group.rb', line 63
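# Translates the target part of a rule into the source parameters of
# permission entry +index+.
#
# Recognised forms, tried in this order:
# * "a.b.c.d/n"   - sent as IpRanges.1.CidrIp
# * "Group@User"  - sent as Groups.1.GroupName and Groups.1.UserId
# * "@User"       - sent as Groups.1.UserId only
# * anything else - sent verbatim as Groups.1.GroupName
#
# The CIDR pattern escapes all three dots (the original left the last one
# bare, so "1.2.3x4/32" was sent as a CIDR) and every pattern is anchored
# with \A and \z so the whole string must match; with ^ and $ a multi-line
# value was classified by a single one of its lines. Octets and the prefix
# length are not range-checked, and "0.0.0.0/0" (any source address) is
# accepted like any other range.
#
# @param index [Integer] 1-based position of the rule within the request
# @param target [String] CIDR block, group reference or group name
# @return [Hash{String => String}] the source parameters for this rule
def gen_authorize_target(index, target)
  case target
  when /\A\d+\.\d+\.\d+\.\d+\/\d+\z/
    { "IpPermissions.#{index}.IpRanges.1.CidrIp" => target }
  when /\A(\w+)@(\w+)\z/
    { "IpPermissions.#{index}.Groups.1.GroupName" => Regexp.last_match(1),
      "IpPermissions.#{index}.Groups.1.UserId" => Regexp.last_match(2) }
  when /\A@(\w+)\z/
    { "IpPermissions.#{index}.Groups.1.UserId" => Regexp.last_match(1) }
  else
    # Fallback: treat the value as a bare group name.
    { "IpPermissions.#{index}.Groups.1.GroupName" => target }
  end
end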
#get(name) ⇒ Object
icmp://1.2.3.4/32 icmp://GroupName icmp://GroupName@UserId icmp://@UserId tcp://0.0.0.0/0:22 tcp://0.0.0.0/0:22-23 tcp://10.0.0.0/8: (this implies 0-65535) udp://GroupName:4567 udp://GroupName@UserID:4567-9999
# File 'lib/stem/group.rb', line 18
# Looks up the security group +name+ with a DescribeSecurityGroups request.
#
# Returns the first entry of the response's "securityGroupInfo" list, or nil
# when the request is rejected with a "does not exist" message. The decision
# is made by matching the error message text; any other
# Swirl::InvalidRequest is re-raised.
#
# @param name [String] security group name, sent as "GroupName.1"
# @return [Object, nil] the first "securityGroupInfo" entry, or nil if the group is missing
# @raise [Swirl::InvalidRequest] for any other rejected request
def get(name)
  response = swirl.call("DescribeSecurityGroups", "GroupName.1" => name)
  response["securityGroupInfo"].first
rescue Swirl::InvalidRequest => e
  group_missing = e.message =~ /The security group '\S+' does not exist/
  raise e unless group_missing
  nil
end