Class: HolePunch::EC2
- Inherits:
-
Object
- Object
- HolePunch::EC2
- Defined in:
- lib/holepunch/ec2.rb
Instance Attribute Summary collapse
-
#ec2 ⇒ Object
readonly
Returns the value of attribute ec2.
-
#region ⇒ Object
readonly
Returns the value of attribute region.
Instance Method Summary collapse
- #apply(definition) ⇒ Object
-
#initialize(opts = {}) ⇒ EC2
constructor
A new instance of EC2.
Constructor Details
#initialize(opts = {}) ⇒ EC2
Returns a new instance of EC2.
# File 'lib/holepunch/ec2.rb', line 28
# Builds the EC2 wrapper from explicit options, falling back to the standard
# AWS_* environment variables for anything the caller does not supply.
#
# The access key and secret are handed to AWS.config and AWS::EC2.new is then
# called with no arguments, so the client relies on that module-level
# configuration rather than on per-instance settings. The options hash holds
# the secret access key in plain text; keep it out of logs and error output.
#
# @param opts [Hash] optional overrides
#   :aws_access_key_id, :aws_secret_access_key, :aws_region take precedence
#   over the matching environment variables; :aws_vpc_id is read from opts only
# @return [EC2]
def initialize(opts = {})
  env_defaults = {
    aws_access_key_id:     ENV['AWS_ACCESS_KEY_ID'],
    aws_secret_access_key: ENV['AWS_SECRET_ACCESS_KEY'],
    aws_region:            ENV['AWS_REGION'],
  }
  # Caller-supplied keys win over the environment, including explicit nils.
  opts = env_defaults.merge(opts)

  region_name = opts[:aws_region]
  sdk_settings = {
    access_key_id:     opts[:aws_access_key_id],
    secret_access_key: opts[:aws_secret_access_key],
    region:            region_name,
  }
  AWS.config(sdk_settings)

  @ec2    = AWS::EC2.new
  @region = @ec2.regions[region_name]
  @vpc_id = opts[:aws_vpc_id]
end
Instance Attribute Details
#ec2 ⇒ Object (readonly)
Returns the value of attribute ec2.
# File 'lib/holepunch/ec2.rb', line 25
# Read-only accessor for the AWS::EC2 client stored in @ec2 by #initialize.
#
# @return [Object] the value of @ec2 (nil if it was never assigned)
def ec2
  @ec2
end
#region ⇒ Object (readonly)
Returns the value of attribute region.
# File 'lib/holepunch/ec2.rb', line 26
# Read-only accessor for the region object looked up in #initialize via
# @ec2.regions[opts[:aws_region]].
#
# @return [Object] the value of @region (nil if it was never assigned)
def region
  @region
end
Instance Method Details
#apply(definition) ⇒ Object
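# File 'lib/holepunch/ec2.rb', line 46
# Reconciles the security groups in EC2 with +definition+.
#
# Steps, in order: refresh the group data (fetch!), check that every group
# marked as a dependency already exists, find or create each defined group,
# then for every non-dependency group revoke the ingress sources the
# definition does not include and authorize the ones that are missing.
#
# Things an operator should know before running this against a live account:
# * Only ingress rules are handled here.
# * Any ingress source present on a managed group but absent from the
#   definition is revoked, including rules added by hand or by other tooling.
# * The run is not atomic. Groups are created and rules revoked before later
#   groups are examined, so an error raised part-way through leaves the
#   earlier changes applied.
#
# @param definition [Object] responds to #groups, yielding id/group pairs
# @raise [GroupDoesNotExistError] if a dependency group is missing, or an
#   ingress names a source group id with no entry among the definition's groups
def apply(definition)
  # get the security group data from the AWS servers
  fetch!

  # ensure dependency groups exist
  definition.groups.each do |id, group|
    next unless group.dependency
    next if exists?(id)

    raise GroupDoesNotExistError, "Dependent security group '#{id}' does not exist"
  end

  # find/create the groups
  ec2_groups = {}
  definition.groups.each do |id, group|
    ec2_group = find(id)
    if ec2_group.nil?
      Logger.log(:create, id)
      ec2_group = create(id, group.desc, @vpc_id)
    end
    ec2_groups[id] = ec2_group
  end

  definition.groups.each do |id, group|
    # Dependency groups are only referenced as sources; their rules are left alone.
    next if group.dependency

    ec2_group = ec2_groups[id]

    # revoke existing ingresses no longer desired
    # NOTE(review): the rendered listing lost the method name here
    # ("ec2_group..each"); restored as ingress_ip_permissions from the
    # aws-sdk v1 SecurityGroup API -- confirm against lib/holepunch/ec2.rb.
    ec2_group.ingress_ip_permissions.each do |ec2_perm|
      # Group sources are matched by name, CIDR sources by their literal value.
      stale_groups = ec2_perm.groups.reject do |source|
        group.include_ingress?(ec2_perm.protocol, ec2_perm.port_range, source.name)
      end
      stale_ranges = ec2_perm.ip_ranges.reject do |source|
        group.include_ingress?(ec2_perm.protocol, ec2_perm.port_range, source)
      end
      revoke_sources = stale_groups + stale_ranges
      next if revoke_sources.empty?

      Logger.log("revoke #{ec2_perm.protocol}", "#{id} #{sources_list_to_s(revoke_sources)} #{ec2_perm.port_range}")
      ec2_group.revoke_ingress(ec2_perm.protocol, ec2_perm.port_range, *revoke_sources)
    end

    # add new ingresses
    group.ingresses.each do |perm|
      new_sources = []
      perm.sources.each do |source|
        if HolePunch.cidr?(source)
          new_sources << source unless group_has_ingress(ec2_group, perm.type, perm.ports, source)
        else
          # Anything that is not a CIDR is treated as a group id and must
          # resolve to a group collected above; fail rather than skip it.
          ec2_source_group = ec2_groups[source]
          if ec2_source_group.nil?
            # The original message was missing the closing quote after the id.
            raise GroupDoesNotExistError, "unknown security group '#{source}'"
          end
          unless group_has_ingress(ec2_group, perm.type, perm.ports, ec2_source_group)
            new_sources << ec2_source_group
          end
        end
      end
      next if new_sources.empty?

      Logger.log(perm.type, "#{id} #{sources_list_to_s(new_sources)} #{perm.ports}")
      # NOTE(review): the rendered listing lost the method name here
      # ("ec2_group.(...)"); restored as authorize_ingress, the counterpart of
      # revoke_ingress above -- confirm against lib/holepunch/ec2.rb.
      ec2_group.authorize_ingress(perm.type, perm.ports, *new_sources)
    end
  end
end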