Module: Reyes::GroupTools
- Defined in: lib/reyes/group_tools.rb
Overview
A few methods for manipulating EC2 SecurityGroup and IpPermission objects that really should be in the aws-sdk. These are taken directly from space-commander.
Class Method Summary
- .all_ports(protocol) ⇒ Object
- .group_to_hash(group) ⇒ Object
- .inspect_perm(perm, options = {}) ⇒ Object
  Inspect an AWS::EC2::SecurityGroup::IpPermission object.
- .perm_to_hash(perm) ⇒ Object
- .pretty_perm(perm, options = {}) ⇒ Object
  Print a pretty representation of an AWS::EC2::SecurityGroup::IpPermission object.
Class Method Details
.all_ports(protocol) ⇒ Object
```ruby
# File 'lib/reyes/group_tools.rb', line 130
def self.all_ports(protocol)
  case protocol
  when :icmp
    -1..-1
  when :tcp, :udp
    0..65535
  when :any, :'-1', -1
    nil
  else
    msg = "Don't know how to allow 'all' ports for " + protocol.inspect
    raise NotImplementedError.new(msg)
  end
end
```
.group_to_hash(group) ⇒ Object
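```ruby
# File 'lib/reyes/group_tools.rb', line 119
def self.group_to_hash(group)
  # The accessor names are missing from the rendered source; aws-sdk v1's
  # ingress_ip_permissions / egress_ip_permissions are assumed here.
  h = {
    :name => group.name,
    :description => group.description,
    :inbound => group.ingress_ip_permissions.map {|p| perm_to_hash(p)},
    :outbound => group.egress_ip_permissions.map {|p| perm_to_hash(p)},
  }
  h
end
```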
.inspect_perm(perm, options = {}) ⇒ Object
Inspect an AWS::EC2::SecurityGroup::IpPermission object. May issue API calls to resolve security group names.
```ruby
# File 'lib/reyes/group_tools.rb', line 57
def self.inspect_perm(perm, options={})
  unless perm.is_a?(AWS::EC2::SecurityGroup::IpPermission)
    raise ArgumentError.new("Not an IpPermission: #{perm.inspect}")
  end

  s = "#<IpPermission #{perm.egress? ? :egress : :ingress}"
  s << " @security_group=<#{perm.security_group.id} #{perm.security_group.name}>"
  s << " @protocol=#{perm.protocol.inspect}"
  s << " @port_range=#{perm.port_range.inspect}"

  unless perm.ip_ranges.empty?
    s << " @ip_ranges=#{perm.ip_ranges.inspect}"
  end

  unless perm.groups.empty?
    # use cache to find groups if one was provided
    if options[:cache]
      groups = options[:cache].unsafe_get_many(perm.groups)
    else
      groups = perm.groups
    end
    s << " @groups=[#{groups.map{|g| "<#{g.name} #{g.id}>"}.join(", ")}]"
  end

  s
end
```
.perm_to_hash(perm) ⇒ Object
```ruby
# File 'lib/reyes/group_tools.rb', line 85
def self.perm_to_hash(perm)
  h = {}

  h[:protocol] = perm.protocol.to_s
  h[:label] = ''

  port = perm.port_range
  if port == all_ports(perm.protocol)
    h[:port] = 'all'
  else
    if port.first == port.last
      h[:port] = port.first
    else
      h[:port] = "#{port.first}-#{port.last}"
    end
  end

  # TODO: convert /32s back into hostname from config.yaml if possible
  if perm.ip_ranges.length > 1
    h[:cidr] = perm.ip_ranges
  elsif perm.ip_ranges.length == 1
    h[:cidr] = perm.ip_ranges.first
    if h[:cidr] == '0.0.0.0/0'
      h[:cidr] = 'all'
    end
  end

  if perm.groups.length > 0
    h[:groups] = perm.groups.map(&:name)
  end

  h
end
```
.pretty_perm(perm, options = {}) ⇒ Object
Print a pretty representation of an AWS::EC2::SecurityGroup::IpPermission object. May issue API calls to resolve security group names.
```ruby
# File 'lib/reyes/group_tools.rb', line 22
def self.pretty_perm(perm, options={})
  options = {:indent => 0, :include_group => true}.merge(options)
  indent = options.fetch(:indent)
  include_group = options.fetch(:include_group)

  # use cache to find groups if one was provided
  if options[:cache]
    groups = options[:cache].unsafe_get_many(perm.groups)
  else
    groups = perm.groups
  end

  lines = []
  group = perm.security_group
  lines << "security_group: #{group.name} (#{group.id})" if include_group
  lines.concat([
    "type: #{(perm.egress? ? :egress : :ingress)}",
    "proto: #{perm.protocol.inspect}",
    "ports: #{perm.port_range.inspect}",
    "cidr: #{perm.ip_ranges.inspect}",
    "groups: [#{groups.map{|g| "<#{g.name} #{g.id}>"}.join(", ")}]"
  ])

  return lines.map{|line| ' '*indent + line}.join("\n")
end
```
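An added example, not part of Reyes or space-commander, showing how the hashes built by `group_to_hash` and `perm_to_hash` can be audited for inbound rules reachable from any address, including the multi-range case where `perm_to_hash` leaves `'0.0.0.0/0'` in the array instead of rewriting it to `'all'`. The helper names, the sensitive-port list and the sample group are assumptions constructed for this example.

```ruby
# Added example: audit the hash shape built by GroupTools.group_to_hash.
# WORLD, SENSITIVE_PORTS and all helper names are assumptions for this example.
WORLD = ['all', '0.0.0.0/0'].freeze
SENSITIVE_PORTS = [22, 3389].freeze

# perm_to_hash stores :cidr as 'all', a single CIDR string, or (for more than
# one range) the raw array, in which '0.0.0.0/0' is NOT rewritten to 'all'.
def world_open?(rule)
  Array(rule[:cidr]).any? { |c| WORLD.include?(c) }
end

# :port is 'all', an Integer, or a "first-last" string.
def port_covers?(port, n)
  case port
  when 'all'   then true
  when Integer then port == n
  when /\A(\d+)-(\d+)\z/ then ($1.to_i..$2.to_i).cover?(n)
  else false
  end
end

# Return one finding per inbound rule that is reachable from anywhere and
# exposes every port or at least one of the sensitive ports.
def audit_group(group_hash)
  group_hash.fetch(:inbound, []).each_with_object([]) do |rule, findings|
    next unless world_open?(rule)
    exposed = SENSITIVE_PORTS.select { |n| port_covers?(rule[:port], n) }
    next if exposed.empty?
    what = rule[:port] == 'all' ? 'all ports' : "port(s) #{exposed.join(',')}"
    findings << "#{group_hash[:name]}: #{rule[:protocol]} #{what} open to the world"
  end
end

# Constructed sample in the shape group_to_hash returns (not real data).
SAMPLE = {
  :name => 'web', :description => 'constructed sample',
  :inbound => [
    { :protocol => 'tcp', :label => '', :port => 443, :cidr => 'all' },
    { :protocol => 'tcp', :label => '', :port => '20-25',
      :cidr => ['10.0.0.0/8', '0.0.0.0/0'] },
    { :protocol => 'tcp', :label => '', :port => 22, :cidr => '10.1.2.3/32' },
    { :protocol => 'tcp', :label => '', :port => 'all', :groups => ['lb'] },
    { :protocol => 'udp', :label => '', :port => 'all', :cidr => 'all' },
  ],
  :outbound => [],
}.freeze

puts audit_group(SAMPLE)
```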