Class: Fog::Bouncer::Security
- Inherits:
-
Object
- Object
- Fog::Bouncer::Security
- Defined in:
- lib/fog/bouncer/security.rb
Instance Attribute Summary collapse
-
#description ⇒ Object
readonly
Returns the value of attribute description.
-
#name ⇒ Object
readonly
Returns the value of attribute name.
Instance Method Summary collapse
- #accounts ⇒ Object
- #clear_remote ⇒ Object
- #clear_remote! ⇒ Object
- #define(name, sources, &block) ⇒ Object
- #definitions(name) ⇒ Object
- #extra_remote_groups ⇒ Object
- #groups ⇒ Object
- #import_remote_groups ⇒ Object
-
#initialize(name, specific_groups = [], &block) ⇒ Security
constructor
A new instance of Security.
- #missing_remote_groups ⇒ Object
- #sync ⇒ Object
- #use(name) ⇒ Object
Constructor Details
#initialize(name, specific_groups = [], &block) ⇒ Security
Returns a new instance of Security.
# File 'lib/fog/bouncer/security.rb', line 8
#
# Builds a security definition by evaluating the supplied DSL block.
#
# @param name [Object] identifier stored in @name and exposed through #name
# @param specific_groups [Array] group names that #import_remote_groups uses as
#   a filter; with an empty list no remote group is filtered out by name
# @yield the block is run through instance_eval, so it executes with self set
#   to this instance and can reach every method and instance variable of it;
#   it therefore has to come from trusted definition code
# @return [Security]
def initialize(name, specific_groups = [], &block)
  @name            = name
  @specific_groups = specific_groups
  @definitions     = {}
  @using           = []

  # The DSL block runs first; apply_definitions is invoked once it has returned.
  instance_eval(&block)
  apply_definitions
end
Instance Attribute Details
#description ⇒ Object (readonly)
Returns the value of attribute description.
# File 'lib/fog/bouncer/security.rb', line 6
#
# Read-only accessor for the description attribute.
#
# @return [Object] whatever @description currently holds (nil if it was never assigned)
def description
  @description
end
#name ⇒ Object (readonly)
Returns the value of attribute name.
# File 'lib/fog/bouncer/security.rb', line 6
#
# Read-only accessor for the name attribute.
#
# @return [Object] whatever @name currently holds (nil if it was never assigned)
def name
  @name
end
Instance Method Details
#accounts ⇒ Object
# File 'lib/fog/bouncer/security.rb', line 17
#
# Memoized lookup table of account aliases.
#
# 'amazon-elb' maps to itself; 'self' maps to Fog::Bouncer.aws_account_id, which
# is read on the first call only and cached in @accounts afterwards.
#
# @return [Hash{String => Object}]
def accounts
  return @accounts if @accounts

  @accounts = {
    'amazon-elb' => 'amazon-elb',
    'self' => Fog::Bouncer.aws_account_id
  }
end
#clear_remote ⇒ Object
# File 'lib/fog/bouncer/security.rb', line 63
#
# Runs a single clear pass through a GroupManager built for this instance.
#
# NOTE(review): what a pass removes is decided by GroupManager#clear, which is
# not visible here - confirm before relying on it.
#
# @return [Object] the return value of GroupManager#clear
def clear_remote
  manager = GroupManager.new(self)
  manager.clear
end
#clear_remote! ⇒ Object
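# File 'lib/fog/bouncer/security.rb', line 67
#
# Repeats #clear_remote until at most one group in #groups still answers true
# to remote?.
#
# The stop condition is "at most one", not "exactly one". When #groups holds no
# remote group at all (for instance because the specific_groups filter kept the
# last remaining group out of the import), an equality test against 1 can never
# become true and the destructive pass would be repeated without end.
#
# NOTE(review): presumably the one group left over is a provider default group
# that cannot be deleted - confirm. The loop is still unbounded if a pass
# removes nothing while more than one remote group remains.
#
# @return [nil]
def clear_remote!
  log clear_remote!: true

  until groups.count { |candidate| candidate.remote? } <= 1
    clear_remote
  end
end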
#define(name, sources, &block) ⇒ Object
# File 'lib/fog/bouncer/security.rb', line 21
#
# Registers a named definition made of a list of sources and a block.
#
# @param name [Object] key under which the definition is stored in @definitions
# @param sources [Object, Array] one source or a list of sources; coerced with Array()
# @yield block kept with the definition; this method stores it without calling it
# @raise [SourceBlockRequired] when no block is passed
# @return [Hash] the stored entry, with the keys :sources and :block
def define(name, sources, &block)
  raise SourceBlockRequired if block.nil?

  entry = { sources: Array(sources), block: block }
  @definitions[name] = entry
end
#definitions(name) ⇒ Object
# File 'lib/fog/bouncer/security.rb', line 26
#
# Looks up a definition previously stored in @definitions.
#
# @param name [Object] key of the definition
# @raise [DefinitionNotFound] when nothing truthy is stored under name
# @return [Object] the stored definition
def definitions(name)
  found = @definitions[name]
  return found if found

  raise DefinitionNotFound, "No definition found for #{name}."
end
#extra_remote_groups ⇒ Object
# File 'lib/fog/bouncer/security.rb', line 30
#
# Selects the groups for which local? is false and remote? is true.
#
# NOTE(review): presumably these are groups that exist at the provider without
# a local definition - confirm against the group class.
#
# @return [Array] matching entries of #groups
def extra_remote_groups
  # Same filter as "not local and remote": local? is still asked first, and
  # remote? only when local? was false.
  groups.reject { |candidate| candidate.local? || !candidate.remote? }
end
#groups ⇒ Object
# File 'lib/fog/bouncer/security.rb', line 34
#
# Lazily created list of groups; the same array object is returned on every
# call, so callers that append to it change this instance's state.
#
# @return [Array]
def groups
  @groups = [] unless @groups
  @groups
end
#import_remote_groups ⇒ Object
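# File 'lib/fog/bouncer/security.rb', line 38
#
# Walks Fog::Bouncer.fog.security_groups and attaches each accepted remote
# group to a group obtained from #group, importing its permissions when every
# one of them uses icmp, tcp or udp.
#
# NOTE(review): on the rendered page the attribute name after `remote_group.`
# was lost in three places. `ip_permissions` is reconstructed from the
# IPPermissions.to call and the "ipProtocol" key - confirm against
# lib/fog/bouncer/security.rb.
#
# NOTE(review): the protocol check is all-or-nothing. If a single permission
# uses any other protocol value, none of that group's permissions are imported
# and nothing is logged here. Confirm that #sync does not then treat the group
# as having no remote rules.
#
# @return [Object] the return value of the security_groups #each call
def import_remote_groups
  Fog::Bouncer.fog.security_groups.each do |remote_group|
    # Groups that carry a vpc_id are left out entirely.
    next if remote_group.vpc_id
    # A non-empty filter restricts the import to the groups named in it.
    next if @specific_groups.any? && !@specific_groups.include?(remote_group.name)

    local_group = group(remote_group.name, remote_group.description)
    local_group.remote = remote_group

    permissions = remote_group.ip_permissions
    next unless permissions

    if permissions.all? { |permission| %w[icmp tcp udp].include?(permission["ipProtocol"]) }
      IPPermissions.to(local_group, permissions)
    end
  end
end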
#missing_remote_groups ⇒ Object
# File 'lib/fog/bouncer/security.rb', line 50
#
# Selects the groups for which local? is true and remote? is false.
#
# NOTE(review): presumably these are locally defined groups that do not exist
# at the provider yet - confirm against the group class.
#
# @return [Array] matching entries of #groups
def missing_remote_groups
  # Same filter as "local and not remote": local? is still asked first, and
  # remote? only when local? was true.
  groups.reject { |candidate| !candidate.local? || candidate.remote? }
end
#sync ⇒ Object
# File 'lib/fog/bouncer/security.rb', line 54
#
# Logs the current group count, then synchronizes through a GroupManager built
# for this instance.
#
# The value 500 is only written to the log under :group_limit; nothing in this
# method compares the group count with it.
#
# @return [Object] the return value of GroupManager#synchronize
def sync
  group_count = groups.size
  log(group_limit: 500, groups: group_count)

  manager = GroupManager.new(self)
  manager.synchronize
end
#use(name) ⇒ Object
# File 'lib/fog/bouncer/security.rb', line 59
#
# Appends the definition stored under name to @using.
#
# The lookup goes through #definitions, so an unknown name raises there before
# anything is appended.
#
# @param name [Object] key of a definition registered with #define
# @return [Array] @using after the append
def use(name)
  definition = definitions(name)
  @using.push(definition)
end