Class: Fog::AWS::Compute::SecurityGroup
Inherits: Model
- Object
- Model
- Fog::AWS::Compute::SecurityGroup
Defined in: lib/fog/aws/models/compute/security_group.rb
Instance Method Summary
- #authorize_group_and_owner(group, owner = nil) ⇒ Object: Authorize access by another security group.
- #authorize_port_range(range, options = {}) ⇒ Object: Authorize a new port range for a security group.
- #authorize_port_range_egress(group_id, ip_permission) ⇒ Object
- #authorize_port_range_ingress(group_id, ip_permission) ⇒ Object
- #destroy ⇒ Object: Removes an existing security group.
- #reload ⇒ Object: Reload a security group.
- #revoke_group_and_owner(group, owner = nil) ⇒ Object: Revoke access by another security group.
- #revoke_port_range(range, options = {}) ⇒ Object: Revoke an existing port range for a security group.
- #revoke_port_range_egress(group_id, ip_permission) ⇒ Object
- #revoke_port_range_ingress(group_id, ip_permission) ⇒ Object
- #save ⇒ Object: Create a security group.
Instance Method Details
#authorize_group_and_owner(group, owner = nil) ⇒ Object
Authorize access by another security group
>> g = AWS.security_groups.all(:description => "something").first
>> g.authorize_group_and_owner("some_group_name", "1234567890")
Parameters:
- group: The name of the security group you’re granting access to.
- owner: The owner ID of the security group you’re granting access to.
Returns:
An excon response object representing the result
<Excon::Response:0x101fc2ae0
@status=200,
@body={"requestId"=>"some-id-string",
"return"=>true},
headers{"Transfer-Encoding"=>"chunked",
"Date"=>"Mon, 27 Dec 2010 22:12:57 GMT",
"Content-Type"=>"text/xml;charset=UTF-8",
"Server"=>"AmazonEC2"}
# File 'lib/fog/aws/models/compute/security_group.rb', line 40
def authorize_group_and_owner(group, owner = nil)
  Fog::Logger.deprecation("authorize_group_and_owner is deprecated, use authorize_port_range with :group option instead")
  requires_one :name, :group_id
  service.authorize_security_group_ingress(
    name,
    'GroupId' => group_id,
    'SourceSecurityGroupName' => group,
    'SourceSecurityGroupOwnerId' => owner
  )
end
#authorize_port_range(range, options = {}) ⇒ Object
Authorize a new port range for a security group
>> g = AWS.security_groups.all(:description => "something").first
>> g.authorize_port_range(20..21)
Parameters:
- range: A Range object representing the port range you want to open up. E.g., 20..21
- options: A hash that can contain any of the following keys:
  - :cidr_ip (defaults to "0.0.0.0/0")
  - :group ("account:group_name" or "account:group_id"), cannot be used with :cidr_ip
  - :ip_protocol (defaults to "tcp")
  The source listing also reads :direction: 'egress' selects the egress call, while nil or 'ingress' selects the ingress call.
Returns:
An excon response object representing the result
<Excon::Response:0x101fc2ae0
@status=200,
@body={"requestId"=>"some-id-string",
"return"=>true},
headers{"Transfer-Encoding"=>"chunked",
"Date"=>"Mon, 27 Dec 2010 22:12:57 GMT",
"Content-Type"=>"text/xml;charset=UTF-8",
"Server"=>"AmazonEC2"}
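# File 'lib/fog/aws/models/compute/security_group.rb', line 82
def authorize_port_range(range, options = {})
  requires_one :name, :group_id
  ip_permission = fetch_ip_permission(range, options)
  if options[:direction].nil? || options[:direction] == 'ingress'
    authorize_port_range_ingress group_id, ip_permission
  elsif options[:direction] == 'egress'
    authorize_port_range_egress group_id, ip_permission
  end
end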
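Because :cidr_ip defaults to "0.0.0.0/0", a call that names no source opens the port range to every address. The guard below is an added example, not part of fog-aws: SafeAuthorize, MIN_PREFIX and FakeGroup are hypothetical names, and the /16 floor is an assumed policy value.

```ruby
require 'ipaddr'

# Added example: guard in front of SecurityGroup#authorize_port_range.
# SafeAuthorize, MIN_PREFIX and FakeGroup are hypothetical, not fog-aws API.
module SafeAuthorize
  class UnsafeRule < ArgumentError; end

  MIN_PREFIX = 16 # assumed policy: reject sources with a prefix shorter than /16

  # Raises UnsafeRule unless the options name exactly one acceptable source.
  def self.check!(range, options)
    ports = [range.begin, range.end]
    unless ports.all? { |p| p.is_a?(Integer) && p.between?(0, 65_535) } && ports[0] <= ports[1]
      raise UnsafeRule, "invalid port range #{range.inspect}"
    end
    cidr, group = options[:cidr_ip], options[:group]
    raise UnsafeRule, ':group cannot be used with :cidr_ip' if cidr && group
    # With neither key set, the documented default "0.0.0.0/0" would apply.
    raise UnsafeRule, 'no source given, default is 0.0.0.0/0' unless cidr || group
    return true if group

    prefix = IPAddr.new(cidr).prefix
    raise UnsafeRule, "#{cidr} is wider than /#{MIN_PREFIX}" if prefix < MIN_PREFIX
    true
  rescue IPAddr::Error => e
    raise UnsafeRule, "bad :cidr_ip: #{e.message}"
  end

  # group is any object that responds to authorize_port_range(range, options).
  def self.authorize(group, range, options = {})
    check!(range, options)
    group.authorize_port_range(range, options)
  end
end

# Constructed stand-in that records calls, so the example runs offline.
class FakeGroup
  attr_reader :calls
  def initialize; @calls = []; end

  def authorize_port_range(range, options = {})
    @calls << [range, options]
    true
  end
end

g = FakeGroup.new
SafeAuthorize.authorize(g, 22..22, cidr_ip: '203.0.113.0/24') # accepted and forwarded
```

In real use, pass the security group model in place of FakeGroup; the guard only inspects the arguments before forwarding them.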
#authorize_port_range_egress(group_id, ip_permission) ⇒ Object
# File 'lib/fog/aws/models/compute/security_group.rb', line 102
def authorize_port_range_egress(group_id, ip_permission)
  service.authorize_security_group_egress(
    name,
    'GroupId' => group_id,
    'IpPermissions' => [ ip_permission ]
  )
end
#authorize_port_range_ingress(group_id, ip_permission) ⇒ Object
# File 'lib/fog/aws/models/compute/security_group.rb', line 94
def authorize_port_range_ingress(group_id, ip_permission)
  service.authorize_security_group_ingress(
    name,
    'GroupId' => group_id,
    'IpPermissions' => [ ip_permission ]
  )
end
#destroy ⇒ Object
Removes an existing security group
security_group.destroy
Returns:
True or false depending on the result
# File 'lib/fog/aws/models/compute/security_group.rb', line 119
def destroy
  requires_one :name, :group_id
  if group_id.nil?
    service.delete_security_group(name)
  else
    service.delete_security_group(nil, group_id)
  end
  true
end
#reload ⇒ Object
Reload a security group
>> g = AWS.security_groups.get(:name => "some_name")
>> g.reload
Returns:
Up to date model or an exception
Note: in the listing below, the branch taken when group_id is nil calls service.delete_security_group(name) immediately after super, so reloading a group that is identified only by name also sends a delete request for it.
# File 'lib/fog/aws/models/compute/security_group.rb', line 235
def reload
  if group_id.nil?
    super
    service.delete_security_group(name)
  else
    requires :group_id
    data = begin
      collection.get_by_id(group_id)
    rescue Excon::Errors::SocketError
      nil
    end
    return unless data
    merge_attributes(data.attributes)
    self
  end
end
#revoke_group_and_owner(group, owner = nil) ⇒ Object
Revoke access by another security group
>> g = AWS.security_groups.all(:description => "something").first
>> g.revoke_group_and_owner("some_group_name", "1234567890")
Parameters:
- group: The name of the security group you’re revoking access to.
- owner: The owner ID of the security group you’re revoking access to.
Returns:
An excon response object representing the result
<Excon::Response:0x101fc2ae0
@status=200,
@body={"requestId"=>"some-id-string",
"return"=>true},
headers{"Transfer-Encoding"=>"chunked",
"Date"=>"Mon, 27 Dec 2010 22:12:57 GMT",
"Content-Type"=>"text/xml;charset=UTF-8",
"Server"=>"AmazonEC2"}
# File 'lib/fog/aws/models/compute/security_group.rb', line 156
def revoke_group_and_owner(group, owner = nil)
  Fog::Logger.deprecation("revoke_group_and_owner is deprecated, use revoke_port_range with :group option instead")
  requires_one :name, :group_id
  service.revoke_security_group_ingress(
    name,
    'GroupId' => group_id,
    'SourceSecurityGroupName' => group,
    'SourceSecurityGroupOwnerId' => owner
  )
end
#revoke_port_range(range, options = {}) ⇒ Object
Revoke an existing port range for a security group
>> g = AWS.security_groups.all(:description => "something").first
>> g.revoke_port_range(20..21)
Parameters:
- range: A Range object representing the port range you want to revoke. E.g., 20..21
- options: A hash that can contain any of the following keys:
  - :cidr_ip (defaults to "0.0.0.0/0")
  - :group ("account:group_name" or "account:group_id"), cannot be used with :cidr_ip
  - :ip_protocol (defaults to "tcp")
  The source listing also reads :direction: 'egress' selects the egress call, while nil or 'ingress' selects the ingress call.
Returns:
An excon response object representing the result
<Excon::Response:0x101fc2ae0
@status=200,
@body={"requestId"=>"some-id-string",
"return"=>true},
headers{"Transfer-Encoding"=>"chunked",
"Date"=>"Mon, 27 Dec 2010 22:12:57 GMT",
"Content-Type"=>"text/xml;charset=UTF-8",
"Server"=>"AmazonEC2"}
# File 'lib/fog/aws/models/compute/security_group.rb', line 198
def revoke_port_range(range, options = {})
  requires_one :name, :group_id
  ip_permission = fetch_ip_permission(range, options)
  if options[:direction].nil? || options[:direction] == 'ingress'
    revoke_port_range_ingress group_id, ip_permission
  elsif options[:direction] == 'egress'
    revoke_port_range_egress group_id, ip_permission
  end
end
#revoke_port_range_egress(group_id, ip_permission) ⇒ Object
# File 'lib/fog/aws/models/compute/security_group.rb', line 218
def revoke_port_range_egress(group_id, ip_permission)
  service.revoke_security_group_egress(
    name,
    'GroupId' => group_id,
    'IpPermissions' => [ ip_permission ]
  )
end
#revoke_port_range_ingress(group_id, ip_permission) ⇒ Object
# File 'lib/fog/aws/models/compute/security_group.rb', line 210
def revoke_port_range_ingress(group_id, ip_permission)
  service.revoke_security_group_ingress(
    name,
    'GroupId' => group_id,
    'IpPermissions' => [ ip_permission ]
  )
end
#save ⇒ Object
Create a security group
>> g = AWS.security_groups.new(:name => "some_name", :description => "something")
>> g.save
Returns:
True or an exception depending on the result. Keep in mind that this creates a new security group. As such, it yields an InvalidGroup.Duplicate exception if you attempt to save an existing group.
# File 'lib/fog/aws/models/compute/security_group.rb', line 267
def save
  requires :description, :name
  data = service.create_security_group(name, description, vpc_id).body
  new_attributes = data.reject {|key,value| key == 'requestId'}
  merge_attributes(new_attributes)
  if tags = self.tags
    # expect eventual consistency
    Fog.wait_for { self.reload rescue nil }
    service.create_tags(
      self.group_id,
      tags
    )
  end
  true
end