Class: Awspec::Type::SecurityGroup

Inherits:

Base

• Object
• Base
• Awspec::Type::SecurityGroup

Defined in:

lib/awspec/type/security_group.rb

Constant Summary

Constants included from Helper::Finder

Helper::Finder::CLIENTS

Instance Attribute Summary

Attributes inherited from Base

#id, #resource_via_client

Instance Method Summary

• #inbound ⇒ Object
• #inbound_opened?(port = nil, protocol = nil, cidr = nil) ⇒ Boolean
• #inbound_rule_count ⇒ Object
• #initialize(id) ⇒ SecurityGroup constructor

  A new instance of SecurityGroup.

• #ip_permissions_count ⇒ Object (also: #inbound_permissions_count)
• #ip_permissions_egress_count ⇒ Object (also: #outbound_permissions_count)
• #opened?(port = nil, protocol = nil, cidr = nil) ⇒ Boolean
• #outbound ⇒ Object
• #outbound_opened?(port = nil, protocol = nil, cidr = nil) ⇒ Boolean
• #outbound_rule_count ⇒ Object

Methods inherited from Base

aws_resource, #exists?, #inspect, #method_missing, #to_s

Methods included from BlackListForwardable

#method_missing_via_black_list

Methods included from Helper::Finder::Ami

#find_ami

Methods included from Helper::Finder::Directconnect

#find_virtual_interface, #select_virtual_interfaces

Methods included from Helper::Finder::Ses

#find_ses_identity

Methods included from Helper::Finder::Cloudwatch

#find_cloudwatch_alarm, #select_all_cloudwatch_alarms

Methods included from Helper::Finder::Elasticache

#find_cache_cluster, #find_cache_subnet_group

Methods included from Helper::Finder::Iam

#select_all_attached_policies, #select_attached_entities, #select_attached_groups, #select_attached_roles, #select_attached_users, #select_iam_group_by_user_name, #select_iam_policy_by_group_name, #select_iam_policy_by_role_name, #select_iam_policy_by_user_name, #select_policy_evaluation_results

Methods included from Helper::Finder::Lambda

#find_lambda, #select_event_source_by_function_arn

Methods included from Helper::Finder::Elb

#find_elb, #select_elb_by_vpc_id

Methods included from Helper::Finder::Ebs

#find_ebs, #select_all_attached_ebs, #select_ebs_by_instance_id

Methods included from Helper::Finder::Autoscaling

#find_autoscaling_group, #find_launch_configuration

Methods included from Helper::Finder::S3

#find_bucket, #find_bucket_acl, #find_bucket_cors, #find_bucket_policy, #select_all_buckets

Methods included from Helper::Finder::Route53

#find_hosted_zone, #select_record_sets_by_hosted_zone_id

Methods included from Helper::Finder::Rds

#find_rds, #select_rds_by_vpc_id

Methods included from Helper::Finder::SecurityGroup

#find_security_group, #select_security_group_by_vpc_id

Methods included from Helper::Finder::Ec2

#find_ec2, #find_ec2_attribute, #find_nat_gateway, #find_security_group, #select_ec2_by_vpc_id, #select_eip_by_instance_id, #select_nat_gateway_by_vpc_id

Methods included from Helper::Finder::Vpc

#find_network_acl, #find_route_table, #find_subnet, #find_vpc, #find_vpc_peering_connection, #select_network_acl_by_vpc_id, #select_route_table_by_vpc_id, #select_subnet_by_vpc_id

Constructor Details

#initialize(id) ⇒ SecurityGroup

Returns a new instance of SecurityGroup.

# File 'lib/awspec/type/security_group.rb', line 5

def initialize(id)
  super
  @inbound = true
  @resource_via_client = find_security_group(id)
  @id = @resource_via_client[:group_id] if @resource_via_client
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class Awspec::Type::Base

Instance Method Details

#inbound ⇒ Object

# File 'lib/awspec/type/security_group.rb', line 68

def inbound
  @inbound = true
  self
end

#inbound_opened?(port = nil, protocol = nil, cidr = nil) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/awspec/type/security_group.rb', line 20

def inbound_opened?(port = nil, protocol = nil, cidr = nil)
  @resource_via_client[:ip_permissions].find do |permission|
    next true unless port
    next true unless permission[:from_port]
    next true unless permission[:to_port]
    next false unless port_between?(port, permission[:from_port], permission[:to_port])
    next false if protocol && permission[:ip_protocol] != protocol
    next true unless cidr
    ret = permission[:ip_ranges].select do |ip_range|
      ip_range[:cidr_ip] == cidr
    end
    next true if ret.count > 0
    ret = permission[:user_id_group_pairs].select do |sg|
      next true if sg[:group_id] == cidr
      sg2 = find_security_group(sg[:group_id])
      next true if sg2[:group_name] == cidr
      sg2[:tags].find do |tag|
        tag[:key] == 'Name' && tag[:value] == cidr
      end
    end
    next true if ret.count > 0
  end
end

#inbound_rule_count ⇒ Object

# File 'lib/awspec/type/security_group.rb', line 88

def inbound_rule_count
  @resource_via_client[:ip_permissions].reduce(0) do |sum, permission|
    sum += permission.ip_ranges.count + permission.user_id_group_pairs.count
  end
end

#ip_permissions_count ⇒ Object Also known as: inbound_permissions_count

# File 'lib/awspec/type/security_group.rb', line 78

def ip_permissions_count
  @resource_via_client[:ip_permissions].count
end

#ip_permissions_egress_count ⇒ Object Also known as: outbound_permissions_count

# File 'lib/awspec/type/security_group.rb', line 83

def ip_permissions_egress_count
  @resource_via_client[:ip_permissions_egress].count
end

#opened?(port = nil, protocol = nil, cidr = nil) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/awspec/type/security_group.rb', line 12

def opened?(port = nil, protocol = nil, cidr = nil)
  if @inbound
    return inbound_opened?(port, protocol, cidr)
  else
    return outbound_opened?(port, protocol, cidr)
  end
end

#outbound ⇒ Object

# File 'lib/awspec/type/security_group.rb', line 73

def outbound
  @inbound = false
  self
end

#outbound_opened?(port = nil, protocol = nil, cidr = nil) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/awspec/type/security_group.rb', line 44

def outbound_opened?(port = nil, protocol = nil, cidr = nil)
  @resource_via_client[:ip_permissions_egress].find do |permission|
    next true unless port
    next true unless permission[:from_port]
    next true unless permission[:to_port]
    next false unless port_between?(port, permission[:from_port], permission[:to_port])
    next false if protocol && permission[:ip_protocol] != protocol
    next true unless cidr
    ret = permission[:ip_ranges].select do |ip_range|
      ip_range[:cidr_ip] == cidr
    end
    next true if ret.count > 0
    ret = permission[:user_id_group_pairs].select do |sg|
      next true if sg[:group_id] == cidr
      sg2 = find_security_group(sg[:group_id])
      next true if sg2[:group_name] == cidr
      sg2[:tags].find do |tag|
        tag[:key] == 'Name' && tag[:value] == cidr
      end
    end
    next true if ret.count > 0
  end
end

#outbound_rule_count ⇒ Object

# File 'lib/awspec/type/security_group.rb', line 94

def outbound_rule_count
  @resource_via_client[:ip_permissions_egress].reduce(0) do |sum, permission|
    sum += permission.ip_ranges.count + permission.user_id_group_pairs.count
  end
end