Class: AWS::EC2::SecurityGroup::IpPermission

Inherits:
Object
  • Object
show all
Defined in:
lib/aws/ec2/security_group/ip_permission.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(security_group, protocol, ports, options = {}) ⇒ IpPermission

Returns a new instance of IpPermission.

Parameters:

  • protocol (:tcp, :udp, :icmp)
  • ports (Integer, Range<Integer>)

    A port or port range to allow.

  • options (Hash) (defaults to: {})

Options Hash (options):

  • :ip_ranges (Array)

    An array of CIDR ip address to grant permission to.

  • :groups (Array)

    An array of SecurityGroup objects to grant permission to.

  • :egress (Boolean) — default: false

    When true this IpPermission is assumed to be an egress permission.



36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
# File 'lib/aws/ec2/security_group/ip_permission.rb', line 36

def initialize security_group, protocol, ports, options = {}

  @security_group = security_group

  @protocol = protocol == '-1' ?  :any : protocol.to_s.downcase.to_sym

  @ip_ranges = Array(options[:ip_ranges])

  @groups = Array(options[:groups])

  @egress = options[:egress] || false

  # not all egress permissions require port ranges, depends on the
  # protocol
  if ports
    if ports.is_a?(Range)
      @port_range = ports
    else
      @port_range = Array(ports).first.to_i..Array(ports).last.to_i
    end
  end

  super

end

Instance Attribute Details

#egressBoolean (readonly)

Returns True if this is an egress permission.

Returns:

  • (Boolean)

    True if this is an egress permission



80
81
82
# File 'lib/aws/ec2/security_group/ip_permission.rb', line 80

def egress
  @egress
end

#groupsArray (readonly)

Returns An array of security groups that have been granted access with this permission.

Returns:

  • (Array)

    An array of security groups that have been granted access with this permission.



77
78
79
# File 'lib/aws/ec2/security_group/ip_permission.rb', line 77

def groups
  @groups
end

#ip_rangesArray (readonly)

Returns An array of string CIDR ip addresses.

Returns:

  • (Array)

    An array of string CIDR ip addresses.



73
74
75
# File 'lib/aws/ec2/security_group/ip_permission.rb', line 73

def ip_ranges
  @ip_ranges
end

#port_rangeRange (readonly)

Returns The port range (e.g. 80..80, 4000..4010, etc).

Returns:

  • (Range)

    The port range (e.g. 80..80, 4000..4010, etc)



70
71
72
# File 'lib/aws/ec2/security_group/ip_permission.rb', line 70

def port_range
  @port_range
end

#protocolSymbol (readonly)

Returns The protocol (:tcp, :udp, :icmp).

Returns:

  • (Symbol)

    The protocol (:tcp, :udp, :icmp)



67
68
69
# File 'lib/aws/ec2/security_group/ip_permission.rb', line 67

def protocol
  @protocol
end

#security_groupSecurityGroup (readonly)

Returns The security group this permission is authorized for.

Returns:

  • (SecurityGroup)

    The security group this permission is authorized for.



64
65
66
# File 'lib/aws/ec2/security_group/ip_permission.rb', line 64

def security_group
  @security_group
end

Instance Method Details

#authorizeIpPermission

Authorizes this permission from its security group.

Returns:



89
90
91
# File 'lib/aws/ec2/security_group/ip_permission.rb', line 89

def authorize
  update_sg(egress? ? :authorize_egress : :authorize_ingress)
end

#egress?Boolean

Returns true if this is an egress permission.

Returns:

  • (Boolean)

    Returns true if this is an egress permission.



83
84
85
# File 'lib/aws/ec2/security_group/ip_permission.rb', line 83

def egress?
  @egress ? true : false
end

#eql?(other) ⇒ Boolean Also known as: ==

Returns true if the other IpPermission matches this one.

Returns:

  • (Boolean)

    Returns true if the other IpPermission matches this one.



101
102
103
104
105
106
107
108
109
# File 'lib/aws/ec2/security_group/ip_permission.rb', line 101

def eql? other
  other.is_a?(IpPermission) and
  other.security_group == security_group and
  other.protocol == protocol and
  other.port_range == port_range and
  other.ip_ranges.sort == ip_ranges.sort and
  other.groups.sort == groups.sort and
  other.egress? == egress?
end

#revokeIpPermission

Revokes this permission from its security group.

Returns:



95
96
97
# File 'lib/aws/ec2/security_group/ip_permission.rb', line 95

def revoke
  update_sg(egress? ? :revoke_egress : :revoke_ingress)
end