Class: Fog::Bouncer::Security

Inherits:
Object
  • Object
Defined in:
lib/fog/bouncer/security.rb

Instance Attribute Summary

Instance Method Summary

Constructor Details

#initialize(name, specific_groups = [], &block) ⇒ Security

Returns a new instance of Security.



# File 'lib/fog/bouncer/security.rb', line 8

# Builds a security definition by evaluating the given DSL block.
#
# @param name [Object] stored in @name
# @param specific_groups [Array] stored in @specific_groups; when it has
#   entries, import_remote_groups only imports remote groups named in it
# @yield the block is run with instance_eval, so +self+ inside it is this
#   instance and it can reach every method and instance variable here.
#   Definition files are therefore code: review and protect them like the
#   rest of the tooling that can change firewall rules.
def initialize(name, specific_groups = [], &block)
  @using = []
  @definitions = {}
  @specific_groups = specific_groups
  @name = name

  # Evaluate the DSL first; apply_definitions runs only after the block
  # has finished.
  instance_eval(&block)
  apply_definitions
end

Instance Attribute Details

#description ⇒ Object (readonly)

Returns the value of attribute description.



# File 'lib/fog/bouncer/security.rb', line 6

# Reader for @description.
#
# @return [Object] whatever is stored in @description. The constructor on
#   this page does not assign it directly, so it is nil unless set elsewhere
#   (presumably from inside the DSL block; confirm in the source file).
def description
  @description
end

#name ⇒ Object (readonly)

Returns the value of attribute name.



# File 'lib/fog/bouncer/security.rb', line 6

# Reader for @name, which the constructor sets from its first argument.
#
# @return [Object] the value passed as +name+ to #initialize
def name
  @name
end

Instance Method Details

#accounts ⇒ Object



# File 'lib/fog/bouncer/security.rb', line 17

# Memoized table of account aliases with the keys 'amazon-elb' and 'self'.
#
# NOTE(review): the expression after `Fog::Bouncer.` is missing from this
# rendered listing, so the value stored under 'self' cannot be read here and
# the line does not parse as shown. Check lib/fog/bouncer/security.rb for
# the real expression before relying on what 'self' resolves to.
def accounts
  @accounts ||= { 'amazon-elb' => 'amazon-elb', 'self' => Fog::Bouncer. }
end

#clear_remote ⇒ Object



# File 'lib/fog/bouncer/security.rb', line 63

# Runs one clearing pass for this definition.
#
# Delegates to GroupManager#clear. What that pass removes is decided there
# and is not visible in this listing.
def clear_remote
  manager = GroupManager.new(self)
  manager.clear
end

#clear_remote! ⇒ Object



# File 'lib/fog/bouncer/security.rb', line 67

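# Repeatedly clears remote groups until at most one remote group is left.
#
# Destructive: every pass calls clear_remote, which delegates to
# GroupManager#clear. The loop is expected to stop with a single remote
# group remaining (presumably one the provider will not delete; confirm).
# The condition is `<= 1` rather than `== 1` so that a run which starts
# with, or drops to, zero remote groups returns instead of calling
# clear_remote forever.
#
# NOTE(review): there is still no bound on the number of passes; if a pass
# cannot reduce the remote group count, this keeps calling the provider.
#
# @return [nil]
def clear_remote!
  log clear_remote!: true
  clear_remote until groups.count(&:remote?) <= 1
end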

#define(name, sources, &block) ⇒ Object



# File 'lib/fog/bouncer/security.rb', line 21

# Registers a named definition made of a list of sources and a block.
#
# The sources are wrapped with Array() and stored as given; nothing in this
# method validates them, so any checking of addresses or group names has to
# happen wherever the stored entry is consumed.
#
# @param name [Object] key under which the entry is stored in @definitions
# @param sources [Object] a single source or a list of sources
# @yield block stored alongside the sources
# @raise [SourceBlockRequired] when no block is supplied
# @return [Hash] the stored entry, with :sources and :block keys
def define(name, sources, &block)
  raise SourceBlockRequired if block.nil?

  entry = { sources: Array(sources), block: block }
  @definitions[name] = entry
end

#definitions(name) ⇒ Object



# File 'lib/fog/bouncer/security.rb', line 26

# Looks up a definition previously stored by #define.
#
# @param name [Object] key used when the definition was registered
# @return [Hash] the stored entry
# @raise [DefinitionNotFound] when nothing is stored under +name+
def definitions(name)
  found = @definitions[name]
  return found if found

  raise(DefinitionNotFound.new("No definition found for #{name}."))
end

#extra_remote_groups ⇒ Object



# File 'lib/fog/bouncer/security.rb', line 30

# Groups that exist remotely but have no local definition.
#
# These are the groups present at the provider that the definition does not
# describe, i.e. the drift a reviewer would want to look at first.
#
# @return [Array] groups for which remote? is true and local? is false
def extra_remote_groups
  groups.reject { |candidate| candidate.local? || !candidate.remote? }
end

#groups ⇒ Object



# File 'lib/fog/bouncer/security.rb', line 34

# Lazily created list of groups known to this definition.
#
# @return [Array] the same array on every call, created empty on first use
def groups
  @groups = [] unless @groups
  @groups
end

#import_remote_groups ⇒ Object



# File 'lib/fog/bouncer/security.rb', line 38

# Pulls the provider's security groups into the local model.
#
# For each group returned by Fog::Bouncer.fog.security_groups:
# * groups with a vpc_id are skipped entirely;
# * when @specific_groups has entries, groups not named in it are skipped;
# * the rest are passed to #group and linked through remote=.
#
# Rules are imported only when every permission on the group uses icmp,
# tcp or udp. A single permission with any other ipProtocol value means
# none of that group's permissions are passed to IPPermissions.to.
#
# NOTE(review): the skipped cases leave live rules that this model never
# sees. Confirm how synchronize treats such groups before reading a clean
# sync as proof that no unexpected ingress exists.
def import_remote_groups
  supported_protocols = %w[icmp tcp udp]

  Fog::Bouncer.fog.security_groups.each do |remote_group|
    next if remote_group.vpc_id
    next unless @specific_groups.none? || @specific_groups.include?(remote_group.name)

    local_group = group(remote_group.name, remote_group.description)
    local_group.remote = remote_group

    # All-or-nothing: one unsupported protocol skips the whole rule set.
    next unless remote_group.ip_permissions
    next unless remote_group.ip_permissions.all? { |permission| supported_protocols.include?(permission["ipProtocol"]) }

    IPPermissions.to(local_group, remote_group.ip_permissions)
  end
end

#missing_remote_groups ⇒ Object



# File 'lib/fog/bouncer/security.rb', line 50

# Groups that are defined locally but do not exist remotely.
#
# @return [Array] groups for which local? is true and remote? is false
def missing_remote_groups
  groups.reject { |candidate| !candidate.local? || candidate.remote? }
end

#sync ⇒ Object



# File 'lib/fog/bouncer/security.rb', line 54

# Logs the current group count and hands this definition to GroupManager
# for synchronization.
#
# The group_limit of 500 is only written to the log here; nothing in this
# method compares groups.size against it.
def sync
  group_total = groups.size
  log(group_limit: 500, groups: group_total)

  manager = GroupManager.new(self)
  manager.synchronize
end

#use(name) ⇒ Object



# File 'lib/fog/bouncer/security.rb', line 59

# Marks a stored definition as in use for whatever is being built.
#
# @param name [Object] key of a definition registered with #define
# @return [Array] the @using list after the definition was appended
# @raise [DefinitionNotFound] propagated from #definitions for unknown names
def use(name)
  selected = definitions(name)
  @using.push(selected)
end