Class: Rudy::AWS::EC2::Groups

Inherits:
Object
  • Object
Includes:
Base, ObjectBase
Defined in:
lib/rudy/aws/ec2/group.rb

Instance Attribute Summary

Attributes included from Base

#ec2

Class Method Summary

Instance Method Summary

Methods included from Base

#initialize

Methods included from Huxtable

change_environment, change_position, change_region, change_role, change_zone, #check_keys, #config_dirname, create_domain, #current_group_name, #current_machine_address, #current_machine_count, #current_machine_group, #current_machine_hostname, #current_machine_image, #current_machine_name, #current_machine_size, #current_user, #current_user_keypairpath, debug?, #debug?, domain, domain_exists?, #group_metadata, #has_keypair?, #has_keys?, #has_pem_keys?, #has_root_keypair?, keypair_path_to_name, #known_machine_group?, #root_keypairname, #root_keypairpath, #switch_user, update_config, update_global, update_logger, #user_keypairname, #user_keypairpath

Class Method Details

.from_hash(ghash) ⇒ Object

  • ghash is an EC2::Base Security Group Hash, in the format returned by EC2::Base#describe_security_groups:

groupName: stage-app
groupDescription: 
ownerId: "207436219441"
ipPermissions: 
  item: 
  - ipRanges: 
      item: 
      - cidrIp: 216.19.182.83/32
      - cidrIp: 24.5.71.201/32
      - cidrIp: 75.157.176.202/32
      - cidrIp: 84.28.52.172/32
      - cidrIp: 87.212.145.201/32
      - cidrIp: 96.49.129.178/32
    groups: 
      item: 
      - groupName: default
        userId: "207436219441"
      - groupName: stage-app
        userId: "207436219441"  
    fromPort: "22"
    toPort: "22"
    ipProtocol: tcp

Returns a Rudy::AWS::EC2::Group object



# File 'lib/rudy/aws/ec2/group.rb', line 210

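# Builds a Rudy::AWS::EC2::Group from one security-group entry of an
# EC2::Base#describe_security_groups response.
#
# Every ipPermissions entry becomes one Rule (port range + protocol). That
# Rule is registered once per source group (keyed "userId:groupName") and
# once per CIDR range listed in the entry. An entry that lists neither source
# groups nor CIDR ranges adds nothing to the result.
#
# A container Hash whose 'item' value is missing, nil, or a single un-wrapped
# entry is tolerated instead of raising part-way through the parse, so a
# sparsely populated response still yields a Group.
#
# @param ghash [Hash] string-keyed security group Hash
# @return [Rudy::AWS::EC2::Group]
def self.from_hash(ghash)
  # Normalise a response container ({'item' => ...}) to a list of entries;
  # anything that is not a Hash counts as "no entries".
  entries_of = lambda do |container|
    container.is_a?(Hash) ? [container['item']].flatten.compact : []
  end

  newg = Rudy::AWS::EC2::Group.new
  newg.name = ghash['groupName']
  newg.description = ghash['groupDescription']
  newg.owner_id = ghash['ownerId']
  newg.addresses = {}
  newg.groups = {}

  entries_of.call(ghash['ipPermissions']).each do |oldp|
    newp = Rudy::AWS::EC2::Group::Rule.new
    # NOTE(review): the port values are used exactly as received. If the
    # response carries them as Strings this is a String range, not a numeric
    # one -- confirm that consumers of Rule#ports expect that.
    newp.ports = Range.new(oldp['fromPort'], oldp['toPort'])
    newp.protocol = oldp['ipProtocol']

    entries_of.call(oldp['groups']).each do |oldpg|
      name = [oldpg['userId'], oldpg['groupName']].join(':')   # account_num:name
      newg.add_group(name, newp)
    end

    entries_of.call(oldp['ipRanges']).each do |olda|
      newg.add_address(olda['cidrIp'].to_s, newp)   # ipaddress/mask
    end
  end

  newg
end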

Instance Method Details

#any? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/rudy/aws/ec2/group.rb', line 154

# Reports whether #list, called without arguments, returns at least one
# group. A nil result from #list counts as "none".
#
# @return [Boolean]
def any?
  found = list
  found ? !found.empty? : false
end

#authorize(name, addresses = [], ports = [], protocols = [], &each_group) ⇒ Object Also known as: authorise

Authorize a port/protocol for a specific IP address



# File 'lib/rudy/aws/ec2/group.rb', line 110

# Adds access rules to the named security group by delegating to
# modify_rules with the :authorize action.
#
# NOTE(review): modify_rules is not shown next to this method. Confirm what it
# applies when addresses, ports or protocols are left empty before relying on
# the defaults, and keep the address list as narrow as the use case allows.
#
# @param name [String] security group name
# @param addresses [Array] source addresses (presumably CIDR strings -- confirm)
# @param ports [Array] ports to open
# @param protocols [Array] protocols to open
# @yield forwarded unchanged to modify_rules
# @return [Object] whatever modify_rules returns
def authorize(name, addresses=[], ports=[], protocols=[], &each_group)
  rule_args = [name, addresses, ports, protocols]
  modify_rules(:authorize, *rule_args, &each_group)
end

#authorize_group(name, gname, owner, &each_group) ⇒ Object Also known as: authorise_group



# File 'lib/rudy/aws/ec2/group.rb', line 121

# Adds a group-based rule to the named security group by delegating to
# modify_group_rules with the :authorize action.
#
# @param name [String] security group being modified
# @param gname [String] presumably the name of the group being granted
#   access -- confirm against modify_group_rules
# @param owner [String] presumably the account id owning +gname+ -- confirm
# @yield forwarded unchanged to modify_group_rules
# @return [Object] whatever modify_group_rules returns
def authorize_group(name, gname, owner, &each_group)
  action = :authorize
  modify_group_rules(action, name, gname, owner, &each_group)
end

#create(name, desc = nil, addresses = [], ports = [], protocols = [], &each_group) ⇒ Object

Create a new EC2 security group. Returns list of created groups.



# File 'lib/rudy/aws/ec2/group.rb', line 93

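# Creates a new EC2 security group, applies the initial rules through
# #authorize, and returns the group as it is looked up afterwards.
#
# The lookup goes through #list rather than #get: #get takes no block, so
# handing +each_group+ to it would silently drop the block. With #list the
# block is invoked for the created group.
#
# The result of #authorize is not checked, so a group can be returned even
# when the rules were not applied; inspect the returned group's rules if that
# matters to the caller.
#
# NOTE(review): #authorize is always called, even when addresses, ports and
# protocols are all left at their empty defaults. What modify_rules does with
# empty lists is not visible here -- confirm it before relying on the defaults.
#
# @param name [String] security group name
# @param desc [String, nil] description; defaults to "Security Group <name>"
# @param addresses [Array] passed to #authorize
# @param ports [Array] passed to #authorize
# @param protocols [Array] passed to #authorize
# @yield [group] the created group, via #list
# @return [Object, nil, false] the first group found for +name+, nil when the
#   lookup finds nothing, false when the create call does not report 'true'
def create(name, desc=nil, addresses=[], ports=[], protocols=[], &each_group)
  desc ||= "Security Group #{name}"
  ret = @ec2.create_security_group(:group_name => name, :group_description => desc)
  return false unless ret && ret['return'] == 'true'
  authorize(name, addresses, ports, protocols)
  (list([name], &each_group) || []).first
end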

#destroy(name, &each_group) ⇒ Object

Delete an EC2 security group. Returns true/false depending on whether the deletion succeeded.



# File 'lib/rudy/aws/ec2/group.rb', line 103

# Deletes the named EC2 security group.
#
# When a block is given, #list is called with it first, so the block sees the
# group before the delete request is sent.
#
# @param name [String] security group name
# @yield forwarded to #list before the deletion
# @return [Boolean, nil] true when the response's 'return' field is 'true',
#   false when it is anything else, nil/false when there is no response
def destroy(name, &each_group)
  list(name, &each_group) unless each_group.nil?
  response = @ec2.delete_security_group(:group_name => name)
  response && response['return'] == 'true'
end

#exists?(name) ⇒ Boolean

Does the security group name exist?

Returns:

  • (Boolean)


# File 'lib/rudy/aws/ec2/group.rb', line 170

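# Reports whether a security group with the given name exists.
#
# An ::EC2::InvalidGroupNotFound raised by the lookup is treated as "no".
# #list can also return nil (when the response carries no group information);
# that is likewise treated as "no" instead of raising NoMethodError, matching
# the nil handling in #any? and #get. Any other error propagates.
#
# @param name [#to_s] security group name
# @return [Boolean]
def exists?(name)
  found = list([name.to_s]) || []
  !found.empty?
rescue ::EC2::InvalidGroupNotFound
  false
end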

#get(name) ⇒ Object

  • name is a string



# File 'lib/rudy/aws/ec2/group.rb', line 160

# Looks up a single security group by name.
#
# Takes no block: a block passed by a caller is not forwarded to #list.
#
# @param name [String] security group name
# @return [Object, nil] the first group #list returns for +name+, or nil when
#   #list returns nil or an empty list
def get(name)
  matches = list([name])
  return nil unless matches
  matches.first
end

#list(group_names = [], &each_group) ⇒ Object



# File 'lib/rudy/aws/ec2/group.rb', line 130

# Returns the groups found by #list_as_hash as a plain list.
#
# @param group_names [Array, String, nil] names to look for; nil is treated
#   as an empty list
# @yield forwarded unchanged to #list_as_hash
# @return [Array, nil] the values of the Hash from #list_as_hash, or its
#   nil result passed through
def list(group_names=[], &each_group)
  by_name = list_as_hash(group_names || [], &each_group)
  by_name && by_name.values
end

#list_as_hash(group_names = [], &each_group) ⇒ Object

  • group_names is a list of security group names to look for. If it’s empty, all groups associated with the account will be returned.

Returns an Array of Rudy::AWS::EC2::Group objects



# File 'lib/rudy/aws/ec2/group.rb', line 141

# Fetches security groups and returns them keyed by group name.
#
# +group_names+ is flattened and stripped of nils before being sent as the
# :group_name filter of describe_security_groups. Each returned entry is
# parsed with Groups.from_hash. Entries are keyed by name only, so if two
# entries share a name the later one replaces the earlier one.
#
# @param group_names [Array, String, nil] names to look for
# @yield [group] each parsed group, after all entries have been parsed
# @return [Hash, nil] group name => group; nil when the response has no
#   'securityGroupInfo' Hash
def list_as_hash(group_names=[], &each_group)
  wanted = [group_names].flatten.compact
  response = @ec2.describe_security_groups(:group_name => wanted) || {}
  info = response['securityGroupInfo']
  return unless info.is_a?(Hash)

  by_name = {}
  info['item'].each do |raw|
    parsed = Groups.from_hash(raw)
    by_name[parsed.name] = parsed
  end

  by_name.each_value { |grp| each_group.call(grp) } unless each_group.nil?
  by_name
end

#revoke(name, addresses = [], ports = [], protocols = [], &each_group) ⇒ Object

Revoke a port/protocol for a specific IP address. Takes the same arguments as authorize.



# File 'lib/rudy/aws/ec2/group.rb', line 117

# Removes access rules from the named security group by delegating to
# modify_rules with the :revoke action. Takes the same arguments as
# #authorize.
#
# NOTE(review): modify_rules is not shown next to this method. Confirm which
# rules it targets when addresses, ports or protocols are left empty, so a
# revoke with defaults removes what the caller expects.
#
# @param name [String] security group name
# @param addresses [Array] source addresses
# @param ports [Array] ports
# @param protocols [Array] protocols
# @yield forwarded unchanged to modify_rules
# @return [Object] whatever modify_rules returns
def revoke(name, addresses=[], ports=[], protocols=[], &each_group)
  rule_args = [name, addresses, ports, protocols]
  modify_rules(:revoke, *rule_args, &each_group)
end

#revoke_group(name, gname, owner, &each_group) ⇒ Object



# File 'lib/rudy/aws/ec2/group.rb', line 126

# Removes a group-based rule from the named security group by delegating to
# modify_group_rules with the :revoke action.
#
# @param name [String] security group being modified
# @param gname [String] presumably the name of the group whose access is
#   being removed -- confirm against modify_group_rules
# @param owner [String] presumably the account id owning +gname+ -- confirm
# @yield forwarded unchanged to modify_group_rules
# @return [Object] whatever modify_group_rules returns
def revoke_group(name, gname, owner, &each_group)
  action = :revoke
  modify_group_rules(action, name, gname, owner, &each_group)
end