Class: Awspec::Type::SecurityGroup

Inherits:
Base
  • Object
show all
Defined in:
lib/awspec/type/security_group.rb

Constant Summary

Constants included from Helper::Finder

Helper::Finder::CLIENTS

Instance Attribute Summary

Attributes inherited from Base

#id, #resource_via_client

Instance Method Summary collapse

Methods inherited from Base

aws_resource, #exists?, #inspect, #method_missing, tags_allowed, #to_s

Methods included from BlackListForwardable

#method_missing_via_black_list

Methods included from Helper::Finder::Cloudtrail

#find_trail, #get_trail_status, #is_logging?, #select_all_trails

Methods included from Helper::Finder::Elastictranscoder

#find_pipeline

Methods included from Helper::Finder::Cloudfront

#find_cloudfront_distribution

Methods included from Helper::Finder::Ami

#find_ami

Methods included from Helper::Finder::Directconnect

#find_virtual_interface, #select_virtual_interfaces

Methods included from Helper::Finder::Ses

#find_ses_identity

Methods included from Helper::Finder::CloudwatchEvent

#find_cloudwatch_event, #select_all_cloudwatch_events

Methods included from Helper::Finder::Cloudwatch

#find_cloudwatch_alarm, #select_all_cloudwatch_alarms

Methods included from Helper::Finder::Elasticache

#find_cache_cluster, #find_cache_subnet_group

Methods included from Helper::Finder::Iam

#select_all_attached_policies, #select_all_iam_groups, #select_all_iam_roles, #select_all_iam_users, #select_attached_entities, #select_attached_groups, #select_attached_roles, #select_attached_users, #select_iam_group_by_user_name, #select_policy_evaluation_results

Methods included from Helper::Finder::Lambda

#find_lambda, #select_all_lambda_functions, #select_event_source_by_function_arn

Methods included from Helper::Finder::Elb

#find_elb, #select_elb_by_vpc_id

Methods included from Helper::Finder::Ebs

#find_ebs, #select_all_attached_ebs, #select_ebs_by_instance_id

Methods included from Helper::Finder::Autoscaling

#find_autoscaling_group, #find_launch_configuration

Methods included from Helper::Finder::S3

#find_bucket, #find_bucket_acl, #find_bucket_cors, #find_bucket_logging, #find_bucket_policy, #find_bucket_versioning, #select_all_buckets

Methods included from Helper::Finder::Route53

#find_hosted_zone, #select_record_sets_by_hosted_zone_id

Methods included from Helper::Finder::Rds

#find_rds, #select_rds_by_vpc_id

Methods included from Helper::Finder::SecurityGroup

#find_security_group, #select_security_group_by_vpc_id

Methods included from Helper::Finder::Ec2

#find_ec2, #find_ec2_attribute, #find_ec2_status, #find_nat_gateway, #find_network_interface, #select_ec2_by_vpc_id, #select_eip_by_instance_id, #select_nat_gateway_by_vpc_id, #select_network_interface_by_vpc_id

Methods included from Helper::Finder::Subnet

#find_subnet, #select_subnet_by_vpc_id

Methods included from Helper::Finder::Vpc

#find_network_acl, #find_route_table, #find_vpc, #find_vpc_peering_connection, #select_network_acl_by_vpc_id, #select_route_table_by_vpc_id

Constructor Details

#initialize(id) ⇒ SecurityGroup

Returns a new instance of SecurityGroup.



6
7
8
9
10
11
 
# File 'lib/awspec/type/security_group.rb', line 6

def initialize(id)
  super
  @inbound = true
  @resource_via_client = find_security_group(id)
  @id = @resource_via_client.group_id if @resource_via_client
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class Awspec::Type::Base

Instance Method Details

#inboundObject 



57
58
59
60
 
# File 'lib/awspec/type/security_group.rb', line 57

def inbound
  @inbound = true
  self
end

#inbound_opened?(port = nil, protocol = nil, cidr = nil) ⇒ Boolean

Returns:

  • (Boolean) 


23
24
25
26
27
 
# File 'lib/awspec/type/security_group.rb', line 23

def inbound_opened?(port = nil, protocol = nil, cidr = nil)
  @resource_via_client.ip_permissions.find do |permission|
    cidr_opened?(permission, cidr) && protocol_opened?(permission, protocol) && port_opened?(permission, port)
  end
end

#inbound_opened_only?(port = nil, protocol = nil, cidr = nil) ⇒ Boolean

Returns:

  • (Boolean) 


29
30
31
32
33
34
35
36
37
38
 
# File 'lib/awspec/type/security_group.rb', line 29

def inbound_opened_only?(port = nil, protocol = nil, cidr = nil)
  permissions = @resource_via_client.ip_permissions.select do |permission|
    protocol_opened?(permission, protocol) && port_opened?(permission, port)
  end
  cidrs = []
  permissions.each do |permission|
    permission.ip_ranges.select { |ip_range| cidrs.push(ip_range.cidr_ip) }
  end
  cidrs == Array(cidr)
end

#inbound_rule_countObject 



77
78
79
80
81
 
# File 'lib/awspec/type/security_group.rb', line 77

def inbound_rule_count
  @resource_via_client.ip_permissions.reduce(0) do |sum, permission|
    sum += permission.ip_ranges.count + permission.user_id_group_pairs.count
  end
end

#ip_permissions_countObject Also known as: inbound_permissions_count 



67
68
69
 
# File 'lib/awspec/type/security_group.rb', line 67

def ip_permissions_count
  @resource_via_client.ip_permissions.count
end

#ip_permissions_egress_countObject Also known as: outbound_permissions_count 



72
73
74
 
# File 'lib/awspec/type/security_group.rb', line 72

def ip_permissions_egress_count
  @resource_via_client.ip_permissions_egress.count
end

#opened?(port = nil, protocol = nil, cidr = nil) ⇒ Boolean

Returns:

  • (Boolean) 


13
14
15
16
 
# File 'lib/awspec/type/security_group.rb', line 13

def opened?(port = nil, protocol = nil, cidr = nil)
  return inbound_opened?(port, protocol, cidr) if @inbound
  outbound_opened?(port, protocol, cidr)
end

#opened_only?(port = nil, protocol = nil, cidr = nil) ⇒ Boolean

Returns:

  • (Boolean) 


18
19
20
21
 
# File 'lib/awspec/type/security_group.rb', line 18

def opened_only?(port = nil, protocol = nil, cidr = nil)
  return inbound_opened_only?(port, protocol, cidr) if @inbound
  outbound_opened_only?(port, protocol, cidr)
end

#outboundObject 



62
63
64
65
 
# File 'lib/awspec/type/security_group.rb', line 62

def outbound
  @inbound = false
  self
end

#outbound_opened?(port = nil, protocol = nil, cidr = nil) ⇒ Boolean

Returns:

  • (Boolean) 


40
41
42
43
44
 
# File 'lib/awspec/type/security_group.rb', line 40

def outbound_opened?(port = nil, protocol = nil, cidr = nil)
  @resource_via_client.ip_permissions_egress.find do |permission|
    cidr_opened?(permission, cidr) && protocol_opened?(permission, protocol) && port_opened?(permission, port)
  end
end

#outbound_opened_only?(port = nil, protocol = nil, cidr = nil) ⇒ Boolean

Returns:

  • (Boolean) 


46
47
48
49
50
51
52
53
54
55
 
# File 'lib/awspec/type/security_group.rb', line 46

def outbound_opened_only?(port = nil, protocol = nil, cidr = nil)
  permissions = @resource_via_client.ip_permissions_egress.select do |permission|
    protocol_opened?(permission, protocol) && port_opened?(permission, port)
  end
  cidrs = []
  permissions.each do |permission|
    permission.ip_ranges.select { |ip_range| cidrs.push(ip_range.cidr_ip) }
  end
  cidrs == Array(cidr)
end

#outbound_rule_countObject 



83
84
85
86
87
 
# File 'lib/awspec/type/security_group.rb', line 83

def outbound_rule_count
  @resource_via_client.ip_permissions_egress.reduce(0) do |sum, permission|
    sum += permission.ip_ranges.count + permission.user_id_group_pairs.count
  end
end