Class: Convection::Model::Template::Resource::EC2SecurityGroup

Inherits:
Convection::Model::Template::Resource show all
Includes:
DSL::Template::Resource::EC2SecurityGroup, Mixin::Taggable
Defined in:
lib/convection/model/template/resource/aws_ec2_security_group.rb

Overview

AWS::EC2::SecurityGroup

Examples:

# Minimal declaration: only a description and a VPC are set. No ingress_rule
# or egress_rule is declared, so both rule lists stay empty.
# NOTE(review): the description is ordinary resource metadata, readable by any
# principal allowed to describe security groups; keep sensitive detail out of it.
ec2_security_group 'SuperSecretSecurityGroup' do
  description 'This is a super secure group that nobody should know about.'
  vpc 'vpc-deadb33f'
end

See Also:

Defined Under Namespace

Classes: Rule

Instance Attribute Summary collapse

Attributes inherited from Convection::Model::Template::Resource

#exist, #name, #parent, #properties, #resource_attributes, #template

Instance Method Summary collapse

Methods included from Mixin::Taggable

#immutable_metadata, #render_tags, #tag, #tags

Methods included from DSL::Template::Resource::EC2SecurityGroup

#egress_rule, #ingress_rule

Methods inherited from Convection::Model::Template::Resource

#as_attribute, attach_method, #deletion_policy, #depends_on, properties, property, #property, #reference, type, #type, #with_output

Methods included from Mixin::Conditional

#condition, #render_condition

Methods included from DSL::Template::Resource

#_terraform_module_dir_to_flag, #_terraform_module_flag_to_dir, attach_resource, attach_resource_collection, resource_collection_dsl_methods, resource_dsl_methods

Methods included from DSL::Helpers

#camel_case, included, method_name, #screaming_snake_case, #snake_case

Methods included from DSL::IntrinsicFunctions

#base64, #find_in_map, #fn_and, #fn_equals, #fn_if, #fn_import_value, #fn_not, #fn_or, #fn_ref, #fn_sub, #get_att, #get_azs, included, #join, mixers, #select

Constructor Details

#initialize(*args) ⇒ EC2SecurityGroup

Returns a new instance of EC2SecurityGroup.



# File 'lib/convection/model/template/resource/aws_ec2_security_group.rb', line 105

# Builds the resource through the parent constructor, then starts the group
# with no egress and no ingress rules.
#
# @param args arguments forwarded unchanged to the superclass constructor
def initialize(*args)
  super

  # Fresh, separate arrays per instance; the readers hand these out directly.
  @security_group_egress = []
  @security_group_ingress = []
end

Instance Attribute Details

#security_group_egress ⇒ Object (readonly)

Returns the value of attribute security_group_egress.



# File 'lib/convection/model/template/resource/aws_ec2_security_group.rb', line 54

# Reader for the egress rule list, which #initialize sets to an empty Array.
# Returns the Array itself, not a copy, so callers that mutate it change the
# rules that #render and #to_hcl_json emit.
def security_group_egress
  @security_group_egress
end

#security_group_ingress ⇒ Object (readonly)

Returns the value of attribute security_group_ingress.



# File 'lib/convection/model/template/resource/aws_ec2_security_group.rb', line 53

# Reader for the ingress rule list, which #initialize sets to an empty Array.
# Returns the Array itself, not a copy, so callers that mutate it change the
# rules that #render and #to_hcl_json emit.
def security_group_ingress
  @security_group_ingress
end

Instance Method Details

#description ⇒ Object #description(value) ⇒ Object

Overloads:

  • #description ⇒ Object

    Returns the value of the ‘GroupDescription’ CloudFormation property.

  • #description(value) ⇒ Object

    Sets the ‘GroupDescription’ CloudFormation property.

    Parameters:

    • value

      the value to set the ‘GroupDescription’ CloudFormation property to.



# File 'lib/convection/model/template/resource/aws_ec2_security_group.rb', line 102

# Declares the `description` accessor, backed by the 'GroupDescription'
# CloudFormation property (getter with no argument, setter with one).
property :description, 'GroupDescription'

#render(*args) ⇒ Object



# File 'lib/convection/model/template/resource/aws_ec2_security_group.rb', line 112

# Renders the resource through the parent class, then fills in this group's
# rule lists and tags.
#
# 'SecurityGroupIngress' and 'SecurityGroupEgress' are always written, as
# empty lists when no rules were declared.
# NOTE(review): confirm how CloudFormation treats an empty egress list; AWS
# adds an allow-all egress rule to a VPC group that declares no egress rules,
# so a group with no egress_rule may still permit all outbound traffic.
#
# @param args forwarded unchanged to the superclass #render
# @return [Object] the structure returned by the superclass #render, updated in place
def render(*args)
  rendered = super
  props = rendered['Properties']
  props['SecurityGroupIngress'] = security_group_ingress.map { |rule| rule.render }
  props['SecurityGroupEgress'] = security_group_egress.map { |rule| rule.render }
  render_tags(rendered)
  rendered
end

#terraform_import_commands(module_path: 'root') ⇒ Object



# File 'lib/convection/model/template/resource/aws_ec2_security_group.rb', line 164

# Builds the lines an operator runs to import the existing security group
# into Terraform state.
#
# NOTE(review): when the stack has no entry for this resource the physical ID
# is nil and the command ends with an empty ID, so check the output before
# running it. All values are interpolated without shell quoting; review the
# emitted line if module_path or resource names can come from outside the
# template author's control.
#
# @param module_path [String] Terraform module address; 'root' adds no prefix
# @return [Array<String>] a comment line followed by the `terraform import` command
def terraform_import_commands(module_path: 'root')
  address_prefix = module_path == 'root' ? nil : "#{module_path}."
  stack_resource = stack.resources[name]
  physical_id = stack_resource && stack_resource.physical_resource_id

  [
    '# Import the security group:',
    "terraform import #{address_prefix}aws_security_group.#{name.underscore} #{physical_id}"
  ]
end

#to_hcl_json(*) ⇒ Object



# File 'lib/convection/model/template/resource/aws_ec2_security_group.rb', line 120

# Serialises this security group as Terraform JSON: one aws_security_group
# resource plus one aws_security_group_rule per ingress and egress rule.
#
# Only from/to/protocol/source are mapped for each rule, and nil values are
# dropped, so a rule missing any of them is emitted without that field.
# TODO: Missing attribs & checks. Should probably be defined as a separate
#       function to reuse for egress.
# NOTE(review): the AWS provider documents `cidr_blocks` (a list) for
# aws_security_group_rule; confirm the `cidr_block` key is accepted by the
# provider version in use, and compare the planned rules with the live group.
#
# @return [String] JSON document with a top-level "resource" array
def to_hcl_json(*)
  group_key = name.underscore
  group_id_ref = "${aws_security_group.#{group_key}.id}"

  # Attributes of the group itself; unset values and nil-valued tags are omitted.
  group_attrs = {
    vpc_id: vpc,
    description: description,
    tags: tags.reject { |_, tag_value| tag_value.nil? }
  }.reject { |_, attr_value| attr_value.nil? }

  # One standalone rule resource per declared rule, keyed
  # "<group>_<direction>_<index>", ingress first and then egress.
  rule_resources = {}
  { 'ingress' => security_group_ingress, 'egress' => security_group_egress }.each do |direction, rules|
    rules.each_with_index do |rule, position|
      rule_resources["#{group_key}_#{direction}_#{position}"] = {
        type: direction,
        security_group_id: group_id_ref,
        from_port: rule.from,
        to_port: rule.to,
        protocol: rule.protocol,
        cidr_block: rule.source
      }.reject { |_, field| field.nil? }
    end
  end

  {
    resource: [
      { aws_security_group: { group_key => group_attrs } },
      { aws_security_group_rule: rule_resources }
    ]
  }.to_json
end

#vpc ⇒ Object #vpc(value) ⇒ Object

Overloads:

  • #vpc ⇒ Object

    Returns the value of the ‘VpcId’ CloudFormation property.

  • #vpc(value) ⇒ Object

    Sets the ‘VpcId’ CloudFormation property.

    Parameters:

    • value

      the value to set the ‘VpcId’ CloudFormation property to.



# File 'lib/convection/model/template/resource/aws_ec2_security_group.rb', line 103

# Declares the `vpc` accessor, backed by the 'VpcId' CloudFormation property
# (getter with no argument, setter with one).
property :vpc, 'VpcId'