Class: Cucloud::VpcUtils

Inherits:

Object

• Object
• Cucloud::VpcUtils

Defined in:

lib/cucloud/vpc_utils.rb

Overview

Utilities library for interacting with VPC

Defined Under Namespace

Classes: PROTOCOL

Instance Method Summary

• #compare_nacls(rules, skip_acl = []) ⇒ Array<Hash <String, String>>

  Compare NACLS in a the current region with a specified rule set.

• #flow_logs? ⇒ boolean

  Does the current region have vpc flow logs?.

• #initialize(vpc_client = Aws::EC2::Client.new) ⇒ VpcUtils constructor

  A new instance of VpcUtils.

• #vpc_flow_log_status ⇒ Array<Hash>

  Get flow log status for all VPCs in this region.

Constructor Details

#initialize(vpc_client = Aws::EC2::Client.new) ⇒ VpcUtils

Returns a new instance of VpcUtils.

# File 'lib/cucloud/vpc_utils.rb', line 17

def initialize(vpc_client = Aws::EC2::Client.new)
  @vpc = vpc_client
end

Instance Method Details

#compare_nacls(rules, skip_acl = []) ⇒ Array<Hash <String, String>>

Compare NACLS in a the current region with a specified rule set

Parameters:

• rules (Array) —

  List of ACL rules to compart with AWS

• skip_acl (Array) (defaults to: []) —

  List of ACL ids to skip in comparison

Returns:

• (Array<Hash <String, String>>) —
  • resp[0].acl #=> String
  • resp[0].missing[0] #=> Array
    • resp[0].missing[0].cidr #=> String
    • resp[0]missing[0].protocol #=> String
    • resp[0]missing[0].egress #=> String
    • resp[0]missing[0].to #=> String
    • resp[0]missing[0].from #=> String
  • resp[0].additional #=> Array
    • resp[0]additional[0].cidr #=> String
    • resp[0]additional[0].protocol #=> String
    • resp[0]additional[0].egress #=> String
    • resp[0]additional[0].to #=> String
    • resp[0]additional[0].from #=> String

Raises:

• (ArgumentError)

# File 'lib/cucloud/vpc_utils.rb', line 38

def compare_nacls(rules, skip_acl = [])
  raise ArgumentError, 'rules is not an array' unless rules.is_a? Array
  compared_rules = []

  nacls = @vpc.describe_network_acls({})

  nacls.network_acls.each do |acl|
    next if skip_acl.include?(acl.network_acl_id)
    compared_rules.push(check_acls(acl, rules))
  end
  compared_rules
end

#flow_logs? ⇒ boolean

Does the current region have vpc flow logs?

Returns:

• (boolean)

# File 'lib/cucloud/vpc_utils.rb', line 53

def flow_logs?
  vpc_flow_log_status.find { |x| !x[:flow_logs_active] }.nil?
end

#vpc_flow_log_status ⇒ Array<Hash>

Get flow log status for all VPCs in this region

Returns:

• (Array<Hash>)

# File 'lib/cucloud/vpc_utils.rb', line 59

def vpc_flow_log_status
  @vpc.describe_vpcs.vpcs.map do |vpc|
    {
      vpc_id: vpc.vpc_id,
      flow_logs_active: !@vpc.describe_flow_logs(
        filter: [{ name: 'resource-id', values: [vpc.vpc_id] }]
      ).flow_logs.empty?
    }
  end
end