Class: Awspec::Type::SecurityGroup

Inherits:
Base
  • Object
Defined in:
lib/awspec/type/security_group.rb

Instance Attribute Summary

Attributes inherited from Base

#id, #resource

Attributes included from Helper::Finder

#ec2_client

Instance Method Summary

Methods inherited from Base

#exists?, #inspect, #method_missing, #to_s

Methods included from Helper::Finder::Cloudwatch

#find_cloudwatch_alarm

Methods included from Helper::Finder::Elasticache

#find_cache_cluster, #find_cache_subnet_group

Methods included from Helper::Finder::Iam

#select_all_attached_policies, #select_attached_entities, #select_attached_groups, #select_attached_roles, #select_attached_users, #select_iam_group_by_user_name, #select_iam_policy_by_group_name, #select_iam_policy_by_role_name, #select_iam_policy_by_user_name, #select_policy_evaluation_results

Methods included from Helper::Finder::Lambda

#find_lambda, #select_event_source_by_function_arn

Methods included from Helper::Finder::Elb

#find_elb, #select_elb_by_vpc_id

Methods included from Helper::Finder::Ebs

#find_ebs, #select_ebs_by_instance_id

Methods included from Helper::Finder::AutoScaling

#find_auto_scaling_group

Methods included from Helper::Finder::S3

#find_bucket

Methods included from Helper::Finder::Route53

#find_hosted_zone

Methods included from Helper::Finder::Rds

#find_rds, #select_rds_by_vpc_id

Methods included from Helper::Finder::SecurityGroup

#find_security_group, #select_security_group_by_vpc_id

Methods included from Helper::Finder::Ec2

#find_ec2, #find_ec2_attribute, #find_internet_gateway, #find_security_group, #find_subnet, #select_ec2_by_vpc_id, #select_eip_by_instance_id

Methods included from Helper::Finder::Vpc

#find_network_acl, #find_route_table, #find_vpc, #select_network_acl_by_vpc_id, #select_route_table_by_vpc_id

Constructor Details

#initialize(id) ⇒ SecurityGroup

Returns a new instance of SecurityGroup.



# File 'lib/awspec/type/security_group.rb', line 5

# Looks up the security group for +id+ and prepares the object for rule
# checks, with the direction defaulting to inbound.
#
# When the lookup returns nothing, @resource stays nil and @id is not
# reassigned here. The rule-check methods of this class index @resource
# directly, so they raise on a group that was not found.
#
# @param id [Object] identifier handed to find_security_group
#   (NOTE(review): presumably a group id, group name or Name tag; confirm
#   against the finder)
def initialize(id)
  super
  @inbound = true
  @client = @ec2_client
  group = find_security_group(id)
  @resource = group
  @id = group[:group_id] if group
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class Awspec::Type::Base

Instance Attribute Details

#client ⇒ Object (readonly)

Returns the value of attribute client.



# File 'lib/awspec/type/security_group.rb', line 3

# Returns the client held in @client, which the constructor copies from
# @ec2_client.
#
# @return [Object] the value of @client
def client
  @client
end

Instance Method Details

#inbound ⇒ Object



# File 'lib/awspec/type/security_group.rb', line 69

# Points direction-sensitive checks at the ingress rules.
#
# The choice is stored in @inbound and stays in effect for every later
# #opened? call on this object until #outbound changes it.
#
# @return [SecurityGroup] self, so the call can be chained
def inbound
  tap { @inbound = true }
end

#inbound_opened?(port = nil, protocol = nil, cidr = nil) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/awspec/type/security_group.rb', line 21

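# Finds the first ingress rule that admits the described traffic.
#
# Port, protocol and source are evaluated independently; an argument left
# nil places no constraint on that dimension. Previously a nil +port+, or a
# rule without a port range, matched before +protocol+ and +cidr+ were
# looked at, so an all-ports rule for one source reported every source as
# open.
#
# Caveats for security assertions:
# * +cidr+ is compared by string equality with each rule's :cidr_ip; a
#   wider or narrower network covering the same addresses is not detected.
# * Only :ip_ranges and :user_id_group_pairs are consulted; IPv6 ranges and
#   prefix-list sources on a rule are not examined.
# * A rule without a port range is treated as covering every port.
# * A group that was not found leaves @resource nil, and this method then
#   raises instead of reporting "closed".
#
# @param port [Integer, nil] port that must fall inside the rule's range
# @param protocol [String, nil] protocol as stored in :ip_protocol
# @param cidr [String, nil] source CIDR, or the id, group name or Name tag
#   of a referenced security group
# @return [Object, nil] the first matching rule (truthy), or nil if none
def inbound_opened?(port = nil, protocol = nil, cidr = nil)
  @resource[:ip_permissions].find do |permission|
    from = permission[:from_port]
    to = permission[:to_port]
    next false if port && from && to && !port.between?(from, to)

    # '-1' is the EC2 value for "all protocols", so it satisfies any query.
    rule_protocol = permission[:ip_protocol]
    next false if protocol && rule_protocol != '-1' && rule_protocol != protocol

    next true unless cidr
    next true if permission[:ip_ranges].any? { |ip_range| ip_range[:cidr_ip] == cidr }

    permission[:user_id_group_pairs].any? do |pair|
      next true if pair[:group_id] == cidr
      group = find_security_group(pair[:group_id])
      # The referenced group may not be resolvable; treat that as no match
      # rather than failing on nil.
      next false unless group
      next true if group[:group_name] == cidr
      group[:tags].any? { |tag| tag[:key] == 'Name' && tag[:value] == cidr }
    end
  end
end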

#ip_permissions_count ⇒ Object Also known as: inbound_permissions_count



# File 'lib/awspec/type/security_group.rb', line 79

# Counts the ingress rule entries recorded on the group.
#
# @return [Integer] number of entries in @resource[:ip_permissions]
def ip_permissions_count
  ingress_rules = @resource[:ip_permissions]
  ingress_rules.count
end

#ip_permissions_egress_count ⇒ Object Also known as: outbound_permissions_count



# File 'lib/awspec/type/security_group.rb', line 84

# Counts the egress rule entries recorded on the group.
#
# @return [Integer] number of entries in @resource[:ip_permissions_egress]
def ip_permissions_egress_count
  egress_rules = @resource[:ip_permissions_egress]
  egress_rules.count
end

#opened?(port = nil, protocol = nil, cidr = nil) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/awspec/type/security_group.rb', line 13

# Checks the rules for the currently selected direction.
#
# The direction comes from @inbound, which the constructor sets to true and
# #inbound / #outbound change. The setting persists on the object, so a
# check made after #outbound keeps looking at egress rules until #inbound is
# called again.
#
# @param port [Integer, nil] forwarded unchanged
# @param protocol [String, nil] forwarded unchanged
# @param cidr [String, nil] forwarded unchanged
# @return [Object, nil] whatever the direction-specific check returns
def opened?(port = nil, protocol = nil, cidr = nil)
  return outbound_opened?(port, protocol, cidr) unless @inbound

  inbound_opened?(port, protocol, cidr)
end

#outbound ⇒ Object



# File 'lib/awspec/type/security_group.rb', line 74

# Points direction-sensitive checks at the egress rules.
#
# The choice is stored in @inbound and stays in effect for every later
# #opened? call on this object until #inbound changes it back.
#
# @return [SecurityGroup] self, so the call can be chained
def outbound
  tap { @inbound = false }
end

#outbound_opened?(port = nil, protocol = nil, cidr = nil) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/awspec/type/security_group.rb', line 45

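# Finds the first egress rule that admits the described traffic.
#
# Port, protocol and destination are evaluated independently; an argument
# left nil places no constraint on that dimension. Previously a nil +port+,
# or a rule without a port range, matched before +protocol+ and +cidr+ were
# looked at, so an all-ports rule for one destination reported every
# destination as open.
#
# Caveats for security assertions:
# * +cidr+ is compared by string equality with each rule's :cidr_ip; a
#   wider or narrower network covering the same addresses is not detected.
# * Only :ip_ranges and :user_id_group_pairs are consulted; IPv6 ranges and
#   prefix-list destinations on a rule are not examined.
# * A rule without a port range is treated as covering every port.
# * A group that was not found leaves @resource nil, and this method then
#   raises instead of reporting "closed".
#
# @param port [Integer, nil] port that must fall inside the rule's range
# @param protocol [String, nil] protocol as stored in :ip_protocol
# @param cidr [String, nil] destination CIDR, or the id, group name or Name
#   tag of a referenced security group
# @return [Object, nil] the first matching rule (truthy), or nil if none
def outbound_opened?(port = nil, protocol = nil, cidr = nil)
  @resource[:ip_permissions_egress].find do |permission|
    from = permission[:from_port]
    to = permission[:to_port]
    next false if port && from && to && !port.between?(from, to)

    # '-1' is the EC2 value for "all protocols", so it satisfies any query.
    rule_protocol = permission[:ip_protocol]
    next false if protocol && rule_protocol != '-1' && rule_protocol != protocol

    next true unless cidr
    next true if permission[:ip_ranges].any? { |ip_range| ip_range[:cidr_ip] == cidr }

    permission[:user_id_group_pairs].any? do |pair|
      next true if pair[:group_id] == cidr
      group = find_security_group(pair[:group_id])
      # The referenced group may not be resolvable; treat that as no match
      # rather than failing on nil.
      next false unless group
      next true if group[:group_name] == cidr
      group[:tags].any? { |tag| tag[:key] == 'Name' && tag[:value] == cidr }
    end
  end
end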