class Awspec::Type::SecurityGroup
Public Instance Methods
id()
# File lib/awspec/type/security_group.rb, line 10
# Group id of the security group returned by resource_via_client, memoised
# in @id. Evaluates to nil when the lookup returned nothing.
def id
  return unless resource_via_client

  @id ||= resource_via_client.group_id
end
inbound()
# File lib/awspec/type/security_group.rb, line 58
# Selects the inbound (ingress) rule set for subsequent opened? /
# opened_only? calls and returns the receiver so calls can be chained.
def inbound
  tap { @inbound = true }
end
inbound_opened?(port = nil, protocol = nil, cidr = nil)
# File lib/awspec/type/security_group.rb, line 24
# Looks for an inbound permission that satisfies the cidr, protocol and port
# checks. Returns the first matching permission object (truthy), or nil when
# none matches -- not a strict boolean.
#
# Each argument left as nil is not filtered on, so calling this with no
# arguments matches the first inbound permission of any kind.
def inbound_opened?(port = nil, protocol = nil, cidr = nil)
  rules = resource_via_client.ip_permissions
  rules.find do |rule|
    next false unless cidr_opened?(rule, cidr)
    next false unless protocol_opened?(rule, protocol)

    port_opened?(rule, port)
  end
end
inbound_opened_only?(port = nil, protocol = nil, cidr = nil)
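# File lib/awspec/type/security_group.rb, line 30
# True when the IPv4 CIDRs of every inbound permission matching port and
# protocol are exactly the expected list.
#
# NOTE(review): the comparison is an ordered Array equality, so the expected
# CIDRs must be given in the order the rules return them, and a CIDR that
# appears under two matching permissions must be listed twice.
# NOTE(review): only ip_ranges are collected. A matching permission that
# admits traffic through user_id_group_pairs (or any other source list the
# permission carries, such as IPv6 ranges) adds nothing to the collected
# list, so it does not make this check fail. Pair this assertion with a
# rule-count check when "nothing else is open" is what must be proven.
def inbound_opened_only?(port = nil, protocol = nil, cidr = nil)
  permissions = resource_via_client.ip_permissions.select do |permission|
    protocol_opened?(permission, protocol) && port_opened?(permission, port)
  end
  # flat_map/map replaces the original use of select purely for its side effect
  cidrs = permissions.flat_map do |permission|
    permission.ip_ranges.map(&:cidr_ip)
  end
  # Array(nil) is [], so with no cidr given this passes only when the
  # matching permissions carry no IPv4 ranges at all
  cidrs == Array(cidr)
end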
inbound_rule_count()
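# File lib/awspec/type/security_group.rb, line 78
# Number of inbound rules, counted as one per IPv4 range plus one per
# security-group pair across all inbound permissions.
#
# NOTE(review): only ip_ranges and user_id_group_pairs are counted; any other
# source list on a permission does not contribute to the total.
def inbound_rule_count
  resource_via_client.ip_permissions.reduce(0) do |total, permission|
    # plain + instead of +=: the block's value is the next accumulator
    total + permission.ip_ranges.count + permission.user_id_group_pairs.count
  end
end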
ip_permissions_count()
# File lib/awspec/type/security_group.rb, line 68
# Number of inbound permission entries on the group. One entry can hold
# several ranges or group pairs; inbound_rule_count counts those individually.
def ip_permissions_count
  inbound_permissions = resource_via_client.ip_permissions
  inbound_permissions.count
end
Also aliased as: inbound_permissions_count
ip_permissions_egress_count()
# File lib/awspec/type/security_group.rb, line 73
# Number of outbound (egress) permission entries on the group. One entry can
# hold several ranges or group pairs; outbound_rule_count counts those
# individually.
def ip_permissions_egress_count
  egress_permissions = resource_via_client.ip_permissions_egress
  egress_permissions.count
end
Also aliased as: outbound_permissions_count
opened?(port = nil, protocol = nil, cidr = nil)
# File lib/awspec/type/security_group.rb, line 14
# Dispatches to inbound_opened? or outbound_opened? according to the direction
# selected with #inbound / #outbound.
#
# When neither selector has been called @inbound is unset (falsy), so the
# egress rules are the ones checked.
def opened?(port = nil, protocol = nil, cidr = nil)
  if @inbound
    inbound_opened?(port, protocol, cidr)
  else
    outbound_opened?(port, protocol, cidr)
  end
end
opened_only?(port = nil, protocol = nil, cidr = nil)
# File lib/awspec/type/security_group.rb, line 19
# Dispatches to inbound_opened_only? or outbound_opened_only? according to the
# direction selected with #inbound / #outbound.
#
# When neither selector has been called @inbound is unset (falsy), so the
# egress rules are the ones checked.
def opened_only?(port = nil, protocol = nil, cidr = nil)
  if @inbound
    inbound_opened_only?(port, protocol, cidr)
  else
    outbound_opened_only?(port, protocol, cidr)
  end
end
outbound()
# File lib/awspec/type/security_group.rb, line 63
# Selects the outbound (egress) rule set for subsequent opened? /
# opened_only? calls and returns the receiver so calls can be chained.
def outbound
  tap { @inbound = false }
end
outbound_opened?(port = nil, protocol = nil, cidr = nil)
# File lib/awspec/type/security_group.rb, line 41
# Looks for an egress permission that satisfies the cidr, protocol and port
# checks. Returns the first matching permission object (truthy), or nil when
# none matches -- not a strict boolean.
#
# Each argument left as nil is not filtered on, so calling this with no
# arguments matches the first egress permission of any kind.
def outbound_opened?(port = nil, protocol = nil, cidr = nil)
  rules = resource_via_client.ip_permissions_egress
  rules.find do |rule|
    next false unless cidr_opened?(rule, cidr)
    next false unless protocol_opened?(rule, protocol)

    port_opened?(rule, port)
  end
end
outbound_opened_only?(port = nil, protocol = nil, cidr = nil)
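# File lib/awspec/type/security_group.rb, line 47
# True when the IPv4 CIDRs of every egress permission matching port and
# protocol are exactly the expected list.
#
# NOTE(review): the comparison is an ordered Array equality, so the expected
# CIDRs must be given in the order the rules return them, and a CIDR that
# appears under two matching permissions must be listed twice.
# NOTE(review): only ip_ranges are collected. A matching permission that
# allows traffic through user_id_group_pairs (or any other destination list
# the permission carries, such as IPv6 ranges) adds nothing to the collected
# list, so it does not make this check fail. Pair this assertion with a
# rule-count check when "nothing else is open" is what must be proven.
def outbound_opened_only?(port = nil, protocol = nil, cidr = nil)
  permissions = resource_via_client.ip_permissions_egress.select do |permission|
    protocol_opened?(permission, protocol) && port_opened?(permission, port)
  end
  # flat_map/map replaces the original use of select purely for its side effect
  cidrs = permissions.flat_map do |permission|
    permission.ip_ranges.map(&:cidr_ip)
  end
  # Array(nil) is [], so with no cidr given this passes only when the
  # matching permissions carry no IPv4 ranges at all
  cidrs == Array(cidr)
end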
outbound_rule_count()
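# File lib/awspec/type/security_group.rb, line 84
# Number of egress rules, counted as one per IPv4 range plus one per
# security-group pair across all egress permissions.
#
# NOTE(review): only ip_ranges and user_id_group_pairs are counted; any other
# destination list on a permission does not contribute to the total.
def outbound_rule_count
  resource_via_client.ip_permissions_egress.reduce(0) do |total, permission|
    # plain + instead of +=: the block's value is the next accumulator
    total + permission.ip_ranges.count + permission.user_id_group_pairs.count
  end
end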
resource_via_client()
# File lib/awspec/type/security_group.rb, line 6
# Looks the security group up by @display_name through find_security_group
# and memoises a truthy result. A nil result is not cached, so the lookup is
# repeated on the next call.
def resource_via_client
  return @resource_via_client if @resource_via_client

  @resource_via_client = find_security_group(@display_name)
end
Private Instance Methods
cidr_opened?(permission, cidr)
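# File lib/awspec/type/security_group.rb, line 92
# Decides whether a permission admits the given source/destination.
#
# The cidr argument is overloaded: it is compared against the IPv4 cidr_ip of
# each range and, for security-group pairs, against the group id, the group
# name, or the value of the group's 'Name' tag.
#
# NOTE(review): matching by group name or 'Name' tag is looser than matching
# by group id, since a tag value is not guaranteed to identify one group;
# prefer the id where the assertion has to be exact.
# NOTE(review): only ip_ranges and user_id_group_pairs are consulted; any
# other source list on the permission is not examined here.
#
# @param permission an ip permission exposing ip_ranges and user_id_group_pairs
# @param cidr [String, nil] expected CIDR, group id, group name or Name tag;
#   nil disables the check
# @return [Boolean]
def cidr_opened?(permission, cidr)
  return true unless cidr
  return true if permission.ip_ranges.any? { |ip_range| ip_range.cidr_ip == cidr }

  # any? stops at the first matching pair, so no further group lookups are
  # made once the answer is known
  permission.user_id_group_pairs.any? do |sg|
    # Compare the sg group_name if the remote group is in another account.
    # find_security_group call doesn't return info on a remote security group.
    if !sg.user_id.nil? && (sg.user_id != resource_via_client.owner_id)
      next (sg.group_name == cidr) || (sg.group_id == cidr)
    end
    next true if sg.group_id == cidr

    sg2 = find_security_group(sg.group_id)
    next false if sg2.nil?
    next true if sg2.group_name == cidr

    sg2.tags.any? { |tag| tag.key == 'Name' && tag.value == cidr }
  end
end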
port_between?(port, from_port, to_port)
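# File lib/awspec/type/security_group.rb, line 129
# Checks a requested port against a rule's port bounds.
#
# A "from-to" String must equal the rule's bounds exactly; a range that
# merely falls inside a wider rule does not match. A single port matches when
# it lies within the bounds, inclusive.
#
# A String holding a single base-10 number is converted to an Integer before
# the comparison; previously such a value raised on the String/Integer
# comparison.
#
# NOTE(review): the range form is parsed with to_i, so non-numeric parts
# silently become 0 and anything after a second '-' is ignored.
#
# @param port [Integer, String] a port number, or a "from-to" range String
# @param from_port [Integer] lower bound of the rule
# @param to_port [Integer] upper bound of the rule
# @return [Boolean]
# @raise [ArgumentError] when a String port is neither a range nor a base-10
#   integer
def port_between?(port, from_port, to_port)
  if port.is_a?(String)
    if port.include?('-')
      low, high = port.split('-')
      return from_port == low.to_i && to_port == high.to_i
    end
    # explicit base 10 so a leading zero is not read as octal
    port = Integer(port, 10)
  end
  port.between?(from_port, to_port)
end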
port_opened?(permission, port)
# File lib/awspec/type/security_group.rb, line 122
# True when the permission covers the requested port.
#
# A nil port disables the check. A permission that lacks either port bound is
# treated as covering every port -- presumably the shape of an all-protocol
# rule; confirm against the API response.
def port_opened?(permission, port)
  return true unless port

  lower = permission.from_port
  upper = permission.to_port
  return true unless lower && upper

  port_between?(port, lower, upper)
end
protocol_opened?(permission, protocol)
# File lib/awspec/type/security_group.rb, line 115
# True when the permission covers the requested protocol.
#
# A nil protocol disables the check. 'all' matches only a permission whose
# ip_protocol is '-1'. For any other protocol, a '-1' permission matches as
# well as one with an identical ip_protocol, so an all-protocol rule
# satisfies an assertion about a single protocol.
def protocol_opened?(permission, protocol)
  return true unless protocol

  rule_protocol = permission.ip_protocol
  wildcard = rule_protocol == '-1'
  return wildcard if protocol == 'all'

  wildcard || rule_protocol == protocol
end