Module: Stem::Group
- Extended by:
- Group
- Includes:
- Util
- Included in:
- Group
- Defined in:
- lib/stem/group.rb
Instance Method Summary
Methods included from Util
#get_filter_opts, #swirl, #tags_to_filter, #tagset_to_hash
Instance Method Details
#auth(name, rules) ⇒ Object
# File 'lib/stem/group.rb', line 52
# Authorizes a list of ingress rules on the named security group.
#
# Every rule string is translated by #gen_authorize into numbered
# "IpPermissions.N.*" parameters (N starts at 1 and follows the order of
# +rules+); the merged parameters are sent in one
# "AuthorizeSecurityGroupIngress" call.
#
# @param name [String] security group name, sent as "GroupName"
# @param rules [Enumerable] rule strings understood by #gen_authorize
# @return [Object] whatever swirl.call returns
# @raise [RuntimeError] from #gen_authorize when a rule cannot be parsed;
#   all rules are parsed before the API call, so nothing is sent in that case
def auth(name, rules)
  params = { "GroupName" => name }
  rules.each_with_index do |rule, position|
    params = params.merge(gen_authorize(position + 1, rule))
  end
  swirl.call "AuthorizeSecurityGroupIngress", params
end
#create(name, rules = nil, description = "") ⇒ Object
# File 'lib/stem/group.rb', line 25
# Creates the security group, treating "already exists" as a non-error.
#
# @param name [String] security group name
# @param rules [Enumerable, nil] optional rule strings passed on to #create!
# @param description [String] group description
# @return [Boolean] true when #create! completed, false when the request was
#   rejected with a "security group ... already exists" message
# @raise [Swirl::InvalidRequest] for any other rejected request
#
# NOTE(review): a false return means +rules+ were presumably NOT applied --
# #create! issues CreateSecurityGroup before its #auth call, so the existing
# group keeps whatever ingress rules it already had. Callers that need the
# rules enforced should call #auth themselves in that case.
def create(name, rules = nil, description = "")
  create!(name, rules, description)
  true
rescue Swirl::InvalidRequest => error
  return false if error.message =~ /The security group '\S+' already exists/

  raise error
end
#create!(name, rules = nil, description = "") ⇒ Object
# File 'lib/stem/group.rb', line 33
# Creates the security group and, when rules are given, authorizes them.
#
# @param name [String] security group name, sent as "GroupName"
# @param rules [Enumerable, nil] rule strings for #auth; skipped when nil/false
# @param description [String] sent as "GroupDescription"
# @return [Object, nil] the result of #auth, or nil when no rules were given
#
# NOTE(review): the two steps are not atomic. If #auth raises (for example on
# a rule #gen_authorize cannot parse), the group has already been created and
# is left without the requested rules.
def create!(name, rules = nil, description = "")
  group_params = { "GroupName" => name, "GroupDescription" => description }
  swirl.call "CreateSecurityGroup", group_params
  return unless rules

  auth(name, rules)
end
#destroy(name) ⇒ Object
# File 'lib/stem/group.rb', line 38
# Deletes the security group, reporting a rejected request as false.
#
# @param name [String] security group name
# @return [Boolean] true when #destroy! completed, false when the request
#   raised Swirl::InvalidRequest
#
# NOTE(review): unlike #create and #get, this rescues every
# Swirl::InvalidRequest regardless of its message, and writes the exception
# class, message and backtrace to standard output. Callers only see false, so
# "group does not exist" and any other rejection are indistinguishable here.
def destroy(name)
  destroy!(name)
  true
rescue Swirl::InvalidRequest => error
  puts "===> #{error.class}"
  puts "===> #{error.message}"
  puts error.backtrace.join("\n")
  false
end
#destroy!(name) ⇒ Object
# File 'lib/stem/group.rb', line 48
# Deletes the named security group via a "DeleteSecurityGroup" call.
# Errors raised by swirl.call are not handled here; see #destroy for the
# variant that rescues Swirl::InvalidRequest.
#
# @param name [String] security group name, sent as "GroupName"
# @return [Object] whatever swirl.call returns
def destroy!(name)
  request = { "GroupName" => name }
  swirl.call "DeleteSecurityGroup", request
end
#gen_authorize(index, rule) ⇒ Object
# File 'lib/stem/group.rb', line 100
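# Translates one rule string into "IpPermissions.<index>.*" request
# parameters.
#
# Accepted forms:
#   icmp://<target>            -- FromPort/ToPort are set to "-1" (the EC2
#                                 wildcard for ICMP type and code)
#   tcp://<target>:<ports>     -- target via #gen_authorize_target,
#   udp://<target>:<ports>        ports via #gen_authorize_ports
#
# The patterns are anchored to the whole string (\A ... \z). Unanchored
# patterns would accept text before the scheme and, for multi-line input,
# silently drop everything after the first line, turning a malformed rule
# into a valid-looking ingress permission instead of rejecting it.
#
# @param index [Integer] 1-based position used in the parameter names
# @param rule [String] rule string
# @return [Hash{String => String}] request parameters for this rule
# @raise [RuntimeError] "bad rule: ..." when the rule matches neither form
def gen_authorize(index, rule)
  prefix = "IpPermissions.#{index}"
  if rule =~ %r{\Aicmp://(.+)\z}
    target = Regexp.last_match(1)
    { "#{prefix}.IpProtocol" => "icmp",
      "#{prefix}.FromPort" => "-1",
      "#{prefix}.ToPort" => "-1" }.merge(gen_authorize_target(index, target))
  elsif rule =~ %r{\A(tcp|udp)://(.*):(.*)\z}
    # Capture into locals right away so the helper calls below cannot be
    # confused with this method's match data.
    protocol, target, ports = Regexp.last_match.captures
    { "#{prefix}.IpProtocol" => protocol }
      .merge(gen_authorize_target(index, target))
      .merge(gen_authorize_ports(index, ports))
  else
    raise "bad rule: #{rule}"
  end
end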
#gen_authorize_ports(index, ports) ⇒ Object
# File 'lib/stem/group.rb', line 85
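# Translates the port part of a rule into FromPort/ToPort parameters.
#
#   "22"     -> FromPort 22, ToPort 22
#   "22-23"  -> FromPort 22, ToPort 23
#   ""       -> FromPort 0,  ToPort 65535 (every port)
#
# The patterns use \A/\z rather than ^/$ so that a multi-line string cannot
# pass validation on the strength of one well-formed line.
#
# NOTE(review): only the shape is checked. Values above 65535 or a range
# whose start exceeds its end are passed through unchanged.
#
# @param index [Integer] 1-based position used in the parameter names
# @param ports [String] port specification
# @return [Hash{String => String}] FromPort/ToPort parameters
# @raise [RuntimeError] "bad ports: ..." for any other input
def gen_authorize_ports(index, ports)
  from_key = "IpPermissions.#{index}.FromPort"
  to_key = "IpPermissions.#{index}.ToPort"
  if ports =~ /\A(\d+)-(\d+)\z/
    { from_key => Regexp.last_match(1), to_key => Regexp.last_match(2) }
  elsif ports =~ /\A(\d+)\z/
    { from_key => Regexp.last_match(1), to_key => Regexp.last_match(1) }
  elsif ports == ""
    { from_key => "0", to_key => "65535" }
  else
    # The message interpolates the argument itself; the original referenced
    # an undefined local (`rule`), which raised NameError instead.
    raise "bad ports: #{ports}"
  end
end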
#gen_authorize_target(index, target) ⇒ Object
# File 'lib/stem/group.rb', line 72
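# Translates the target part of a rule into source parameters.
#
#   "1.2.3.4/32"        -> IpRanges.1.CidrIp
#   "GroupName@UserId"  -> Groups.1.GroupName and Groups.1.UserId
#   "@UserId"           -> Groups.1.UserId
#   anything else       -> Groups.1.GroupName
#
# Every dot in the CIDR pattern is escaped (the original left the third one
# as a wildcard, so "1.2.3x4/32" was sent as a CIDR block), and the patterns
# use \A/\z so a multi-line string is never classified by one line alone.
#
# NOTE(review): octets and prefix length are not range-checked, and any
# unrecognised target falls through to a group name. A mistyped CIDR is
# therefore sent as a group reference rather than raising here.
#
# @param index [Integer] 1-based position used in the parameter names
# @param target [String] CIDR block or group reference
# @return [Hash{String => String}] source parameters for this rule
def gen_authorize_target(index, target)
  prefix = "IpPermissions.#{index}"
  if target =~ %r{\A\d+\.\d+\.\d+\.\d+/\d+\z}
    { "#{prefix}.IpRanges.1.CidrIp" => target }
  elsif target =~ /\A(.+)@(\w+)\z/
    { "#{prefix}.Groups.1.GroupName" => Regexp.last_match(1),
      "#{prefix}.Groups.1.UserId" => Regexp.last_match(2) }
  elsif target =~ /\A@(\w+)\z/
    { "#{prefix}.Groups.1.UserId" => Regexp.last_match(1) }
  else
    { "#{prefix}.Groups.1.GroupName" => target }
  end
end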
#get(name) ⇒ Object
Example rule strings (as parsed by #gen_authorize): icmp://1.2.3.4/32 icmp://GroupName icmp://GroupName@UserId icmp://@UserId tcp://0.0.0.0/0:22 tcp://0.0.0.0/0:22-23 tcp://10.0.0.0/8: (this implies 0-65535) udp://GroupName:4567 udp://GroupName@UserID:4567-9999
# File 'lib/stem/group.rb', line 18
# Looks up a security group by name.
#
# Issues "DescribeSecurityGroups" for the single name and returns the first
# entry of the response's "securityGroupInfo" list.
#
# @param name [String] security group name, sent as "GroupName.1"
# @return [Object, nil] the first "securityGroupInfo" entry, or nil when the
#   request was rejected with a "security group ... does not exist" message
# @raise [Swirl::InvalidRequest] for any other rejected request
def get(name)
  response = swirl.call("DescribeSecurityGroups", "GroupName.1" => name)
  response["securityGroupInfo"].first
rescue Swirl::InvalidRequest => error
  return nil if error.message =~ /The security group '\S+' does not exist/

  raise error
end
#revoke(name, rules) ⇒ Object
# File 'lib/stem/group.rb', line 62
# Revokes a list of ingress rules from the named security group.
#
# Rules are written in the same string format that #gen_authorize parses;
# each one becomes a numbered "IpPermissions.N.*" parameter set (N starts at
# 1, in the order given) and all of them are sent in one
# "RevokeSecurityGroupIngress" call.
#
# @param name [String] security group name, sent as "GroupName"
# @param rules [Enumerable] rule strings understood by #gen_authorize
# @return [Object] whatever swirl.call returns
# @raise [RuntimeError] from #gen_authorize when a rule cannot be parsed;
#   all rules are parsed before the API call, so nothing is sent in that case
def revoke(name, rules)
  permissions = rules.each_with_index.map do |rule, position|
    gen_authorize(position + 1, rule)
  end
  args = permissions.reduce({ "GroupName" => name }) do |merged, permission|
    merged.merge(permission)
  end
  swirl.call "RevokeSecurityGroupIngress", args
end