aws 2.5.3 → 2.5.4
- data/lib/awsbase/utils.rb +2 -2
- data/lib/ec2/ec2.rb +37 -0
- metadata +2 -2
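--- a/data/lib/awsbase/utils.rb
+++ b/data/lib/awsbase/utils.rb
@@ -106,8 +106,8 @@ module Aws
 ]
 TO_REMEMBER = 'AZaz09 -_.!~*\'()'
 ASCII = {} # {'A'=>65, 'Z'=>90, 'a'=>97, 'z'=>122, '0'=>48, '9'=>57, ' '=>32, '-'=>45, '_'=>95, '.'=>}
-TO_REMEMBER.
-ASCII[
+TO_REMEMBER.each_byte do |b|
+ASCII[b.chr] = b.chr.unpack("c")[0]
 end
 # puts 'ascii=' + ASCII.inspect
 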
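Review bot: In the added loop, `b.chr.unpack("c")[0]` converts the byte to a string and back, returning the same integer that `each_byte` already yielded. `c` is also the signed 8-bit directive, so a byte above 127 would be stored as a negative number. TO_REMEMBER is plain ASCII, so the table is correct as written, but `ASCII[b.chr] = b` states the intent directly and avoids the signed conversion. A one-line comment on what the ASCII table is used for would help, since the visible comment only lists sample values.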
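--- a/data/lib/ec2/ec2.rb
+++ b/data/lib/ec2/ec2.rb
@@ -882,6 +882,43 @@ module Aws
 on_exception
 end
 
+# Authorize OR Revoke ingress for security group, depending on the value of the 'action' parameter.
+# If you 'authorize' then you allow instances that are member of some other
+# security groups, or some range of ip addresses to open connections to instances in
+# my group. Can specify an array of ip addresses, source groups or mix of both in a single rule:
+#
+# ec2.manage_security_group_ingress('authorize', 'new_firewall', 80, 80, 'tcp', ['192.168.0.1/32', '10.0.0.1/24'],
+# [{'group_name'=>'default', 'owner'=>'297467797945'}, {'group_name'=>'test', 'owner'=>'123456789012'}])
+#
+# ec2.manage_security_group_ingress('new_firewall', 0, 1000, 'udp', 'revoke', [],
+# [{'group_name'=>'default', 'owner'=>'123456789012'}])
+#
+# ec2.manage_security_group_ingress('new_firewall', 0, 1000, 'udp', 'authorize', ['0.0.0.0/0'])
+#
+# Similarly, if you specify 'revoke' as the action parameter then you will remove the specified
+# source ip addresses or source groups from access to instances in the named group:
+#
+def manage_security_group_ingress(name, from_port, to_port, protocol, action, source_ip_ranges, source_groups = [])
+call_params = { 'GroupName' => name.to_s,
+'IpPermissions.1.IpProtocol' => protocol.to_s,
+'IpPermissions.1.FromPort' => from_port.to_s,
+'IpPermissions.1.ToPort' => to_port.to_s }
+source_ip_ranges.each_index do |i|
+call_params.merge!({"IpPermissions.1.IpRanges.#{i+1}.CidrIp" => source_ip_ranges[i].to_s})
+end
+source_groups.each_index do |i|
+call_params.merge!({"IpPermissions.1.Groups.#{i+1}.GroupName" => source_groups[i]['group_name'].to_s,
+"IpPermissions.1.Groups.#{i+1}.UserId"=> source_groups[i]['owner'].to_s.gsub(/-/,'')})
+end
+unless ['Authorize', 'Revoke'].include?(action.capitalize)
+raise AwsError.new("Invalid action #{action} - must be one of \'Authorize\' or \'Revoke\'")
+end
+link = generate_request("#{action.capitalize}SecurityGroupIngress", call_params)
+request_info(link, RightBoolResponseParser.new(:logger => @logger))
+rescue Exception
+on_exception
+end
+
 # Authorize named ingress for security group. Allows instances that are member of someone
 # else's security group to open connections to instances in my group.
 #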
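Review bot: The first usage example in the new doc comment passes `'authorize'` as the first argument, but the signature is `(name, from_port, to_port, protocol, action, source_ip_ranges, source_groups = [])`; copied as written, `'tcp'` lands in `action` and the call raises the "Invalid action" AwsError. It should read `# ec2.manage_security_group_ingress('new_firewall', 80, 80, 'tcp', 'authorize', ['192.168.0.1/32', '10.0.0.1/24'],`, matching the two examples below it. Because a single string argument decides whether a firewall rule is opened or removed, the `unless ['Authorize', 'Revoke'].include?(action.capitalize)` check would be better placed first in the method, before any request parameters are built. The `'0.0.0.0/0'` example deserves a comment saying it admits any source address to UDP ports 0-1000. The `rescue Exception` matches the context lines above the method, but it also sends argument mistakes (a nil `action`, a String passed for `source_ip_ranges`) into `on_exception`, whose behaviour is not visible in this hunk.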
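--- a/metadata
+++ b/metadata
@@ -2,7 +2,7 @@
 name: aws
 version: !ruby/object:Gem::Version
 prerelease:
-version: 2.5.
+version: 2.5.4
 platform: ruby
 authors:
 - Travis Reeder
@@ -12,7 +12,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-
+date: 2011-06-10 00:00:00 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: uuidtools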