aws-sdk 1.1.3 → 1.1.4

data/lib/aws/ec2/security_group/egress_ip_permission_collection.rb

@@ -0,0 +1,53 @@
+# Copyright 2011 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+#     http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+
+module AWS
+  class EC2
+    class SecurityGroup < Resource
+      class EgressIpPermissionCollection < IpPermissionCollection
+
+        def each
+          security_group.ip_permissions_list_egress.each do |p|
+
+            # egress permissions don't always have ports
+            if p.respond_to?(:from_port)
+              ports = [p.from_port, p.to_port]
+            else
+              ports = nil
+            end
+
+            ip_ranges = p.ip_ranges.collect{|ip| ip.cidr_ip }
+
+            groups = p.groups.collect do |group|
+              SecurityGroup.new(group.group_id,
+                :name => group.group_name,
+                :owner_id => group.user_id,
+                :vpc_id => group.vpc_id,
+                :config => config)
+            end
+
+            permission = IpPermission.new(security_group, p.ip_protocol, ports,
+              :ip_ranges => ip_ranges,
+              :groups => groups,
+              :egress => true,
+              :config => config)
+
+            yield(permission)
+
+          end
+        end
+
+      end
+    end
+  end
+end

data/lib/aws/ec2/security_group/ip_permission.rb

@@ -11,14 +11,12 @@
 # ANY KIND, either express or implied. See the License for the specific
 # language governing permissions and limitations under the License.
 
-require 'aws/model'
-
 module AWS
   class EC2
     class SecurityGroup < Resource
       class IpPermission
 
-        include Model
+        include Core::Model
 
         # @param protocol [:tcp, :udp, :icmp]
         # @param port [Range,Integer] An integer or a range of integers
@@ -28,13 +26,28 @@ module AWS
         #   to grant permission to.
         # @option options [Array] :groups An array of SecurityGroup objects to
         #   grant permission to.
+        # @option options [Boolean] :egress (false) When true this IpPermission
+        #   is assumed to be an egree permission.
         def initialize security_group, protocol, ports, options = {}
+
           @security_group = security_group
-          @protocol = protocol.to_s.downcase.to_sym
-          @port_range = (Array(ports).first..Array(ports).last)
+
+          @protocol = protocol == '-1' ?  :any : protocol.to_s.downcase.to_sym
+
           @ip_ranges = Array(options[:ip_ranges])
+
           @groups = Array(options[:groups])
+
+          @egress = options[:egress]
+
+          # not all egress permissions require port ranges, depends on the
+          # protocol
+          if ports
+            @port_range = Array(ports).first.to_i..Array(ports).last.to_i
+          end
+
           super
+
         end
 
         # @return [SecurityGroup] The security group this permission is 
@@ -47,21 +60,90 @@ module AWS
         # @return [Range] The port range (e.g. 80..80, 4000..4010, etc)
         attr_reader :port_range
 
-        # @return [Array] An array if string CIDR ip addresses.
+        # @return [Array] An array of string CIDR ip addresses.
         attr_reader :ip_ranges
 
         # @return [Array] An array of security groups that have been 
         # granted access with this permission.
         attr_reader :groups
 
+        # @return [Boolean] Returns true if this is an egress permission.
+        def egress?
+          @egress ? true : false
+        end
+
+        # Authorizes this permission from its security group.
+        # @return [IpPermission] Returns self
         def authorize
-          sources = groups + ip_ranges
-          security_group.authorize_ingress(protocol, port_range, *sources)
+
+          method = egress? ? 
+            :authorize_security_group_egress :
+            :authorize_security_group_ingress
+
+          client.send(method, 
+            :group_id => security_group.id,
+            :ip_permissions => [format_permission])
+
+          self
+
         end
 
+        # Revokes this permission from its security group.
+        # @return [IpPermission] Returns self
         def revoke
-          sources = groups + ip_ranges
-          security_group.revoke_ingress(protocol, port_range, *sources)
+
+          method = egress? ? 
+            :revoke_security_group_egress :
+            :revoke_security_group_ingress
+
+          client.send(method, 
+            :group_id => security_group.id,
+            :ip_permissions => [format_permission])
+
+          self
+
+        end
+
+        # @return [Boolean] Returns true if the other IpPermission matches
+        #   this one.
+        def == other
+          other.is_a?(IpPermission) and
+          other.security_group == security_group and
+          other.protocol == protocol and
+          other.port_range == port_range and
+          other.ip_ranges == ip_ranges and
+          other.groups == groups and
+          other.egress == egress?
+        end
+
+        alias_method :eql?, :==
+
+        # @private
+        protected
+        def format_permission
+      
+          permission = {}
+
+          permission[:ip_protocol] = protocol == :any ? '-1' : protocol.to_s
+
+          if port_range
+            permission[:from_port] = port_range.first
+            permission[:to_port] = port_range.last
+          end
+
+          unless ip_ranges.empty?
+            permission[:ip_ranges] = ip_ranges.collect{|ip| { :cidr_ip => ip } }
+          end
+
+          unless groups.empty?
+            permission[:user_id_group_pairs] = groups.inject([]) do |list,group|
+              list << { :group_id => group.id, :user_id => group.owner_id }
+              list
+            end
+          end
+
+          permission
+
         end
 
       end

data/lib/aws/ec2/security_group/ip_permission_collection.rb

@@ -11,41 +11,40 @@
 # ANY KIND, either express or implied. See the License for the specific
 # language governing permissions and limitations under the License.
 
-require 'aws/model'
-
 module AWS
   class EC2
     class SecurityGroup < Resource
 
       class IpPermissionCollection
 
-        include Model
+        include Core::Model
         include Enumerable
 
         attr_reader :security_group
 
-        def initialize(security_group, opts = {})
-          super
+        def initialize security_group, options = {}
           @security_group = security_group
+          super
         end
 
         def each
           security_group.ip_permissions_list.each do |p|
 
+            ports = [p.from_port, p.to_port]
+
+            ip_ranges = p.ip_ranges.collect{|ip| ip.cidr_ip }
+
             groups = p.groups.collect do |group|
               SecurityGroup.new(group.group_id,
-                                :name => group.group_name,
-                                :owner_id => group.user_id,
-                                :config => config)
+                :name => group.group_name,
+                :owner_id => group.user_id,
+                :config => config)
             end
 
-            ip_ranges = p.ip_ranges.collect{|ip| ip.cidr_ip }
-
-            permission =
-              IpPermission.new(self, p.ip_protocol, [p.from_port, p.to_port],
-                               :ip_ranges => ip_ranges,
-                               :groups => groups,
-                               :config => config)
+            permission = IpPermission.new(security_group, p.ip_protocol, ports,
+              :ip_ranges => ip_ranges,
+              :groups => groups,
+              :config => config)
 
             yield(permission)
 

data/lib/aws/ec2/security_group_collection.rb

@@ -11,11 +11,6 @@
 # ANY KIND, either express or implied. See the License for the specific
 # language governing permissions and limitations under the License.
 
-require 'aws/model'
-require 'aws/ec2/collection'
-require 'aws/ec2/tagged_collection'
-require 'aws/ec2/security_group'
-
 module AWS
   class EC2
 
@@ -31,18 +26,26 @@ module AWS
       #   of this security group.  Accepts alphanumeric characters, spaces,
       #   dashes, and underscores. If left blank the description will be set
       #   to the name.
+      # @option options [String] :vpc_id (nil) The ID of a VPC to create
+      #   a security group in.  If this option is left blank then an 
+      #   EC2 security group is created.  If this option is provided a VPC
+      #   security group will be created.
       # @return [SecurityGroup]
       def create name, options = {}
 
         description = options[:description] || name
 
-        response = client.create_security_group(
-          :group_name => name, 
-          :description => description)
+        create_opts = {}
+        create_opts[:group_name] = name
+        create_opts[:description] = description
+        create_opts[:vpc_id] = options[:vpc_id] if options[:vpc_id]
+
+        response = client.create_security_group(create_opts)
 
         SecurityGroup.new(response.group_id, {
           :name => name,
           :description => description,
+          :vpc_id => options[:vpc_id],
           :config => config })
 
       end

data/lib/aws/ec2/snapshot.rb

@@ -11,10 +11,6 @@
 # ANY KIND, either express or implied. See the License for the specific
 # language governing permissions and limitations under the License.
 
-require 'aws/ec2/resource'
-require 'aws/ec2/has_permissions'
-require 'aws/ec2/tagged_item'
-
 module AWS
   class EC2
 

data/lib/aws/ec2/snapshot_collection.rb

@@ -11,10 +11,6 @@
 # ANY KIND, either express or implied. See the License for the specific
 # language governing permissions and limitations under the License.
 
-require 'aws/ec2/collection'
-require 'aws/ec2/tagged_collection'
-require 'aws/ec2/snapshot'
-
 module AWS
   class EC2
 

data/lib/aws/ec2/tag.rb

@@ -11,9 +11,6 @@
 # ANY KIND, either express or implied. See the License for the specific
 # language governing permissions and limitations under the License.
 
-require 'aws/model'
-require 'aws/cacheable'
-
 module AWS
   class EC2
 

data/lib/aws/ec2/tag_collection.rb

@@ -11,13 +11,6 @@
 # ANY KIND, either express or implied. See the License for the specific
 # language governing permissions and limitations under the License.
 
-require 'aws/model'
-require 'aws/inflection'
-require 'aws/ec2/collection'
-require 'aws/ec2/tag'
-require 'aws/ec2/tagged_item'
-require 'aws/ec2/resource'
-
 module AWS
   class EC2
 
@@ -87,7 +80,7 @@ module AWS
         response = filtered_request(:describe_tags)
         response.tag_set.each do |tag|
 
-          resource_class_name = Inflection.class_name(tag.resource_type)
+          resource_class_name = Core::Inflection.class_name(tag.resource_type)
           if EC2.const_defined?(resource_class_name)
             resource_class = EC2.const_get(resource_class_name)
             resource = resource_class.new(tag.resource_id, :config => config)

data/lib/aws/ec2/tagged_item.rb

@@ -11,8 +11,6 @@
 # ANY KIND, either express or implied. See the License for the specific
 # language governing permissions and limitations under the License.
 
-require 'aws/ec2/resource_tag_collection'
-
 module AWS
   class EC2
     module TaggedItem
@@ -79,7 +77,7 @@ module AWS
 
       # @private
       def tagging_resource_type
-        Inflection.ruby_name(self.class.to_s).tr("_","-")
+        Core::Inflection.ruby_name(self.class.to_s).tr("_","-")
       end
 
     end

data/lib/aws/ec2/volume.rb

@@ -11,12 +11,6 @@
 # ANY KIND, either express or implied. See the License for the specific
 # language governing permissions and limitations under the License.
 
-require 'aws/ec2/resource'
-require 'aws/ec2/tagged_item'
-require 'aws/ec2/availability_zone'
-require 'aws/ec2/attachment'
-require 'aws/ec2/attachment_collection'
-
 module AWS
   class EC2
 

data/lib/aws/ec2/volume_collection.rb

@@ -11,10 +11,6 @@
 # ANY KIND, either express or implied. See the License for the specific
 # language governing permissions and limitations under the License.
 
-require 'aws/ec2/collection'
-require 'aws/ec2/tagged_collection'
-require 'aws/ec2/volume'
-
 module AWS
   class EC2
 

data/lib/aws/errors.rb

@@ -11,9 +11,6 @@
 # ANY KIND, either express or implied. See the License for the specific
 # language governing permissions and limitations under the License.
 
-require 'thread'
-require 'aws/xml_grammar'
-
 module AWS
   module Errors
 

data/lib/aws/iam.rb

@@ -11,16 +11,8 @@
 # ANY KIND, either express or implied. See the License for the specific
 # language governing permissions and limitations under the License.
 
-require 'aws/common'
-require 'aws/inflection'
-require 'aws/service_interface'
-require 'aws/iam/client'
-require 'aws/iam/user_collection'
-require 'aws/iam/group_collection'
-require 'aws/iam/signing_certificate_collection'
-require 'aws/iam/server_certificate_collection'
-require 'aws/iam/account_alias_collection'
-require 'aws/iam/access_key_collection'
+require 'aws/core'
+require 'aws/iam/config'
 
 module AWS
 
@@ -142,7 +134,36 @@ module AWS
   #
   class IAM
 
-    include ServiceInterface
+    AWS.register_autoloads(self) do
+      autoload :AccessKey,                    'access_key'
+      autoload :AccessKeyCollection,          'access_key_collection'
+      autoload :AccountAliasCollection,       'account_alias_collection'
+      autoload :Client,                       'client'
+      autoload :Collection,                   'collection'
+      autoload :Errors,                       'errors'
+      autoload :Group,                        'group'
+      autoload :GroupCollection,              'group_collection'
+      autoload :GroupPolicyCollection,        'group_policy_collection'
+      autoload :GroupUserCollection,          'group_user_collection'
+      autoload :LoginProfile,                 'login_profile'
+      autoload :MFADevice,                    'mfa_device'
+      autoload :MFADeviceCollection,          'mfa_device_collection'
+      autoload :Policy,                       'policy'
+      autoload :PolicyCollection,             'policy_collection'
+      autoload :Request,                      'request'
+      autoload :Resource,                     'resource'
+      autoload :ServerCertificate,            'server_certificate'
+      autoload :ServerCertificateCollection,  'server_certificate_collection'
+      autoload :SigningCertificate,           'signing_certificate'
+      autoload :SigningCertificateCollection, 'signing_certificate_collection'
+      autoload :User,                         'user'
+      autoload :UserCollection,               'user_collection'
+      autoload :UserGroupCollection,          'user_group_collection'
+      autoload :UserPolicy,                   'user_policy'
+      autoload :UserPolicyCollection,         'user_policy_collection'
+    end
+
+    include Core::ServiceInterface
 
     # Returns a collection that represents all AWS users for this account:
     #
@@ -297,7 +318,7 @@ module AWS
     # @return [Hash]
     def account_summary
       client.get_account_summary.summary_map.inject({}) do |h, (k,v)|
-        h[Inflection.ruby_name(k).to_sym] = v
+        h[Core::Inflection.ruby_name(k).to_sym] = v
         h
       end
     end