class Ec2SecurityCzar::Base

Attributes

ec2[RW]

Public Class Methods

new(environment=nil, args={}) click to toggle source
# File lib/ec2-security-czar/base.rb, line 13
def initialize(environment=nil, args={})
  raise MissingConfig.new("Missing aws_keys.yml config file") unless File.exists?(config_filename)
  @environment = environment
  load_config(args[:region])
  AWS.config(access_key_id: @config[:access_key], secret_access_key: @config[:secret_key], region: @config[:region])
  if @config[:mfa_serial_number]
    @ec2 = mfa_auth(args[:token])
  else
    @ec2 = AWS.ec2
  end
end

Public Instance Methods

load_config(region) click to toggle source
# File lib/ec2-security-czar/base.rb, line 29
def load_config(region)
  return @config if @config
  @config = AwsConfig[YAML.load_file(config_filename)]
  @config = @config[@environment] if @environment
  @config[:region] = region || 'us-east-1'
  @config
end
update_security_groups() click to toggle source
# File lib/ec2-security-czar/base.rb, line 25
def update_security_groups
  SecurityGroup.update_security_groups(ec2, @environment, @config[:region])
end

Private Instance Methods

config_filename() click to toggle source
# File lib/ec2-security-czar/base.rb, line 45
def config_filename
  'config/aws_keys.yml'
end
mfa_auth(mfa_token) click to toggle source
# File lib/ec2-security-czar/base.rb, line 38
def mfa_auth(mfa_token)
  raise MFATokenMissing.new("MFA token is required as an argument!") unless mfa_token
  sts = AWS::STS.new(access_key_id: @config[:access_key], secret_access_key: @config[:secret_key])
  session = sts.new_session(duration: @config[:mfa_duration] || 900, serial_number: @config[:mfa_serial_number], token_code: mfa_token)
  AWS::EC2.new(session.credentials)
end