Class: Awful::SecurityGroup

Inherits:
Cli
Defined in:
lib/awful/security_group.rb

Instance Method Summary

Methods inherited from Cli

#initialize

Constructor Details

This class inherits a constructor from Awful::Cli

Instance Method Details

#authorize(name) ⇒ Object



# File 'lib/awful/security_group.rb', line 105

# Adds one inbound (ingress) rule to the security group called +name+.
#
# The rule is assembled from CLI options: :protocol, a port range taken from
# :from_port / :to_port with :port as the fallback for either end, and a
# source CIDR from :cidr. When :cidr is not given, the result of get_my_ip is
# used instead.
#
# Review notes:
# - The CIDR is handed to EC2 exactly as supplied; nothing in this method
#   rejects or flags a wide range, so a value such as 0.0.0.0/0 opens the
#   port range to every IPv4 address.
# - get_my_ip is defined outside this listing; how it determines the address
#   and whether it yields a single-host CIDR is not visible here -- confirm
#   before relying on the default.
#
# A rule that already exists (InvalidPermissionDuplicate) is reported through
# warn and not re-raised.
def authorize(name)
  client = ec2
  rule = {
    group_id: get_id(name),
    ip_protocol: options[:protocol],
    # An explicit range end wins; :port fills in whichever end is missing.
    from_port: options[:from_port] || options[:port],
    to_port: options[:to_port] || options[:port],
    # get_my_ip is only consulted when no :cidr option was given.
    cidr_ip: options[:cidr] || get_my_ip,
  }
  client.authorize_security_group_ingress(**rule)
rescue Aws::EC2::Errors::InvalidPermissionDuplicate => duplicate
  warn(duplicate.message)
end

#dump(name) ⇒ Object



# File 'lib/awful/security_group.rb', line 76

# Prints the security group matched by +name+ as a YAML document.
#
# The group is looked up with first_matching_sg, converted with to_hash,
# passed through stringify_keys and serialised with YAML.dump.
#
# NOTE(review): first_matching_sg, stringify_keys and output are defined
# outside this listing; output presumably yields its receiver to the block --
# confirm against the Cli base class.
def dump(name)
  first_matching_sg(name).output do |group|
    as_plain_hash = stringify_keys(group.to_hash)
    puts YAML.dump(as_plain_hash)
  end
end

#inbound(name) ⇒ Object



# File 'lib/awful/security_group.rb', line 84

# Prints the sources allowed by the inbound rules of the security group +name+.
#
# A source is either a CIDR from a rule's ip_ranges or a group id from its
# user_id_group_pairs. With options[:long] each source becomes a table row of
# [protocol, from_port, to_port, source]; otherwise only the sources are
# printed, one per line.
#
# NOTE(review): only ip_ranges and user_id_group_pairs are read here. Any
# other kind of source a rule may carry (for example IPv6 ranges or prefix
# lists) would not appear in this output -- confirm before treating it as a
# complete audit of what can reach the group.
def inbound(name)
  first_matching_sg(name).ip_permissions.output do |rules|
    # CIDR sources first, then referenced security groups, per rule.
    origins_of = lambda do |rule|
      cidrs = rule.ip_ranges.map(&:cidr_ip)
      groups = rule.user_id_group_pairs.map(&:group_id)
      cidrs + groups
    end

    if options[:long]
      rows = rules.flat_map do |rule|
        origins_of.call(rule).map do |origin|
          [rule.ip_protocol, rule.from_port, rule.to_port, origin]
        end
      end
      rows.output { |list| print_table list }
    else
      puts rules.flat_map { |rule| origins_of.call(rule) }
    end
  end
end

#ls(*ids) ⇒ Object



# File 'lib/awful/security_group.rb', line 19

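# Lists security groups, optionally restricted to the given group ids and to
# tag filters built from the CLI options.
#
# Filters:
# - each entry of options[:tags] is a "key=value" string and becomes a
#   "tag:<key>" filter;
# - options[:stack] and options[:resource] filter on the CloudFormation
#   stack-name and logical-id tags.
#
# Output, by option:
# - :long    -> table of name, id, VPC id and description;
# - :ingress -> table of name, id and the inbound rules as "proto:from-to";
# - :egress  -> the same for outbound rules;
# - otherwise the sorted group names, one per line.
#
# NOTE(review): the :ingress/:egress summaries show protocol and ports only,
# not the sources or destinations of each rule, so they cannot tell a rule
# limited to one address from one open to any address.
def ls(*ids)
  ## filter by tags
  # Split on the first '=' only: a tag value may itself contain '=', and
  # splitting on every '=' silently truncated such values, so the filter
  # matched a different value than the one requested. Array() tolerates the
  # option being absent.
  filters = Array(options[:tags]).map do |tag|
    key, value = tag.split('=', 2)
    { name: "tag:#{key}", values: [value] }
  end
  filters << {name: 'tag:aws:cloudformation:stack-name', values: [options[:stack]]}    if options[:stack]
  filters << {name: 'tag:aws:cloudformation:logical-id', values: [options[:resource]]} if options[:resource]
  filters = nil if filters.empty? # sdk does not like empty arrays as args

  # Renders a rule list as comma-separated "protocol:from-to" entries.
  summarize = ->(perms) { perms.map { |p| "#{p.ip_protocol}:#{p.from_port}-#{p.to_port}" }.join(',') }

  ec2.describe_security_groups(group_ids: ids, filters: filters).security_groups.output do |groups|
    if options[:long]
      print_table groups.map { |g|
        [ g.group_name, g.group_id, g.vpc_id, g.description ]
      }.sort
    elsif options[:ingress]
      print_table groups.map { |g|
        [ g.group_name, g.group_id, summarize.call(g.ip_permissions) ]
      }.sort
    elsif options[:egress]
      print_table groups.map { |g|
        [ g.group_name, g.group_id, summarize.call(g.ip_permissions_egress) ]
      }.sort
    else
      puts groups.map(&:group_name).sort
    end
  end
end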

#revoke(name) ⇒ Object



# File 'lib/awful/security_group.rb', line 123

# Removes one inbound (ingress) rule from the security group called +name+.
#
# The rule to remove is described by the same CLI options that authorize
# uses: :protocol, :from_port / :to_port with :port as the fallback for either
# end, and :cidr, falling back to the result of get_my_ip.
#
# Review notes:
# - With no :cidr option the rule targeted is the one for whatever get_my_ip
#   returns at the time of this call. If that differs from the value used
#   when the rule was added, the earlier rule presumably stays in place; the
#   warning below is then the only signal -- verify with a listing afterwards.
# - get_my_ip is defined outside this listing; its behaviour is not visible
#   here.
#
# A rule that does not exist (InvalidPermissionNotFound) is reported through
# warn and not re-raised.
def revoke(name)
  client = ec2
  rule = {
    group_id: get_id(name),
    ip_protocol: options[:protocol],
    # An explicit range end wins; :port fills in whichever end is missing.
    from_port: options[:from_port] || options[:port],
    to_port: options[:to_port] || options[:port],
    # get_my_ip is only consulted when no :cidr option was given.
    cidr_ip: options[:cidr] || get_my_ip,
  }
  client.revoke_security_group_ingress(**rule)
rescue Aws::EC2::Errors::InvalidPermissionNotFound => missing
  warn(missing.message)
end