class Formatron::CloudFormation::Template::VPC::Subnet::Instance::SecurityGroup

Generates the CloudFormation EC2 security group resource for a single instance: broad intra-VPC ingress, unrestricted egress, and — for Windows hosts and any configured "open" ports — rules that admit traffic from any IPv4 source (0.0.0.0/0). (rubocop:disable Metrics/ClassLength)

Constants

SECURITY_GROUP_PREFIX

Public Class Methods


rubocop:disable Metrics/MethodLength

# File lib/formatron/cloud_formation/template/vpc/subnet/instance/security_group.rb, line 15
# Captures the inputs needed to emit one EC2 security group for an instance.
#
# os:             OS name; merge only treats the literal string 'windows'
#                 specially, any other value gets the generic rule set
# security_group: config object responding to open_tcp_port/open_udp_port,
#                 or nil when no extra ports are to be opened
# instance_guid:  suffix appended to SECURITY_GROUP_PREFIX for the group's
#                 logical resource id
# vpc_guid:       suffix appended to VPC::VPC_PREFIX for the VPC's logical id
# vpc_cidr:       CIDR block of the VPC; becomes the source of the broad
#                 intra-VPC ingress rules
#
# NOTE(review): the open_*_port lists are stored as given, with no range or
# type validation; a malformed entry only surfaces when CloudFormation
# rejects the template at deploy time.
def initialize(
  os:,
  security_group:,
  instance_guid:,
  vpc_guid:,
  vpc_cidr:
)
  @os = os
  @security_group = security_group
  @guid = instance_guid
  @vpc_guid = vpc_guid
  @cidr = vpc_cidr
  # Logical resource ids are the fixed prefixes plus the caller's GUIDs.
  @security_group_id = "#{SECURITY_GROUP_PREFIX}#{@guid}"
  @vpc_id = "#{VPC::VPC_PREFIX}#{@vpc_guid}"
  # Both port lists read as nil when no security group config was supplied;
  # merge skips the world-open rules in that case.
  @open_tcp_ports = @security_group&.open_tcp_port
  @open_udp_ports = @security_group&.open_udp_port
end

Public Instance Methods


rubocop:disable Metrics/MethodLength

# File lib/formatron/cloud_formation/template/vpc/subnet/instance/security_group.rb, line 37
# Adds this instance's security group to the CloudFormation resources hash.
#
# resources: hash of logical id => resource; the entry for this group's id
#            is written, silently replacing any existing value for that key
#
# Returns the security group resource that was stored.
#
# Ingress is the OS-specific base rule set followed by one rule per
# configured open TCP port, then one per open UDP port.
# NOTE(review): every configured open port is admitted from 0.0.0.0/0 (the
# whole IPv4 internet), not just from the VPC, so open_tcp_port and
# open_udp_port must be treated as "public" ports by whoever sets them.
def merge(resources:)
  ingress = if @os.eql?('windows')
              _base_windows_ingress_rules
            else
              _base_ingress_rules
            end
  # TCP first, then UDP, matching the order callers of the template expect.
  world_open = { 'tcp' => @open_tcp_ports, 'udp' => @open_udp_ports }
  world_open.each do |protocol, ports|
    next if ports.nil?
    ports.each do |port|
      ingress << {
        cidr: '0.0.0.0/0',
        protocol: protocol,
        from_port: port,
        to_port: port
      }
    end
  end
  resources[@security_group_id] = Resources::EC2.security_group(
    group_description: 'Formatron instance security group',
    vpc: @vpc_id,
    egress: _base_egress_rules,
    ingress: ingress
  )
end

Private Instance Methods


rubocop:disable Metrics/MethodLength

# File lib/formatron/cloud_formation/template/vpc/subnet/instance/security_group.rb, line 73
# Egress rules: every TCP and UDP port plus all ICMP, to any IPv4
# destination. NOTE(review): outbound traffic is completely unrestricted;
# this group offers no containment if the instance is compromised.
def _base_egress_rules
  anywhere = '0.0.0.0/0'
  rules = %w[tcp udp].map do |proto|
    { cidr: anywhere, protocol: proto, from_port: '0', to_port: '65535' }
  end
  # -1/-1 is the CloudFormation convention for "all ICMP types and codes".
  rules << { cidr: anywhere, protocol: 'icmp', from_port: '-1', to_port: '-1' }
end

rubocop:disable Metrics/MethodLength

# File lib/formatron/cloud_formation/template/vpc/subnet/instance/security_group.rb, line 94
# Base ingress for non-Windows instances: every TCP and UDP port plus all
# ICMP, but only from @cidr (the VPC's CIDR block). Nothing is admitted
# from outside the VPC unless an open port is configured.
# NOTE(review): this is a flat trust model — any host in the VPC reaches
# any port on the instance; there is no per-workload segmentation.
def _base_ingress_rules
  rules = %w[tcp udp].map do |proto|
    { cidr: @cidr, protocol: proto, from_port: '0', to_port: '65535' }
  end
  rules << { cidr: @cidr, protocol: 'icmp', from_port: '-1', to_port: '-1' }
end

rubocop:disable Metrics/MethodLength

# File lib/formatron/cloud_formation/template/vpc/subnet/instance/security_group.rb, line 115
# Base ingress for Windows instances: the same intra-VPC allow-all as the
# generic rule set, plus RDP (3389), WinRM over HTTP (5985) and WinRM over
# HTTPS (5986) from any IPv4 source.
#
# NOTE(review): 3389 and 5985/5986 open to 0.0.0.0/0 expose the host's
# admin interfaces to the whole internet — internet-facing RDP is a
# standard brute-force/credential-stuffing target, and 5985 is WinRM
# without TLS. If remote management from outside the VPC is required,
# consider restricting these to an operator CIDR or bastion and dropping
# 5985 in favour of 5986; this method keeps the original behaviour.
def _base_windows_ingress_rules
  rules = %w[tcp udp].map do |proto|
    { cidr: @cidr, protocol: proto, from_port: '0', to_port: '65535' }
  end
  rules << { cidr: @cidr, protocol: 'icmp', from_port: '-1', to_port: '-1' }
  # Windows remote-management ports, world-reachable.
  %w[3389 5985 5986].each do |port|
    rules << {
      cidr: '0.0.0.0/0',
      protocol: 'tcp',
      from_port: port,
      to_port: port
    }
  end
  rules
end