awspec 0.33.0 → 0.34.0
- checksums.yaml +4 -4
- data/Rakefile +5 -1
- data/lib/awspec.rb +1 -0
- data/lib/awspec/command/generate.rb +3 -4
- data/lib/awspec/error.rb +4 -0
- data/lib/awspec/ext.rb +1 -0
- data/lib/awspec/ext/array.rb +8 -0
- data/lib/awspec/generator.rb +1 -0
- data/lib/awspec/generator/spec/lambda.rb +29 -0
- data/lib/awspec/helper/finder.rb +2 -0
- data/lib/awspec/helper/finder/ami.rb +5 -3
- data/lib/awspec/helper/finder/autoscaling.rb +2 -2
- data/lib/awspec/helper/finder/cloudwatch.rb +4 -3
- data/lib/awspec/helper/finder/directconnect.rb +1 -1
- data/lib/awspec/helper/finder/ebs.rb +4 -3
- data/lib/awspec/helper/finder/ec2.rb +15 -51
- data/lib/awspec/helper/finder/elasticache.rb +2 -2
- data/lib/awspec/helper/finder/elb.rb +2 -2
- data/lib/awspec/helper/finder/iam.rb +1 -1
- data/lib/awspec/helper/finder/lambda.rb +8 -2
- data/lib/awspec/helper/finder/rds.rb +2 -2
- data/lib/awspec/helper/finder/route53.rb +3 -1
- data/lib/awspec/helper/finder/security_group.rb +10 -11
- data/lib/awspec/helper/finder/ses.rb +2 -2
- data/lib/awspec/helper/finder/subnet.rb +24 -0
- data/lib/awspec/helper/finder/vpc.rb +14 -28
- data/lib/awspec/helper/type.rb +8 -10
- data/lib/awspec/matcher/have_route.rb +1 -1
- data/lib/awspec/stub/duplicated_resource_type.rb +26 -0
- data/lib/awspec/stub/lambda.rb +5 -2
- data/lib/awspec/type/ami.rb +2 -2
- data/lib/awspec/type/autoscaling_group.rb +1 -1
- data/lib/awspec/type/base.rb +1 -1
- data/lib/awspec/type/cloudwatch_alarm.rb +4 -4
- data/lib/awspec/type/directconnect_virtual_interface.rb +2 -2
- data/lib/awspec/type/ebs.rb +5 -5
- data/lib/awspec/type/ec2.rb +12 -12
- data/lib/awspec/type/elasticache.rb +5 -5
- data/lib/awspec/type/elb.rb +8 -8
- data/lib/awspec/type/iam_group.rb +3 -3
- data/lib/awspec/type/iam_policy.rb +4 -4
- data/lib/awspec/type/iam_role.rb +2 -2
- data/lib/awspec/type/iam_user.rb +2 -2
- data/lib/awspec/type/lambda.rb +2 -2
- data/lib/awspec/type/launch_configuration.rb +3 -3
- data/lib/awspec/type/nat_gateway.rb +2 -2
- data/lib/awspec/type/network_acl.rb +5 -5
- data/lib/awspec/type/rds.rb +17 -17
- data/lib/awspec/type/route53_hosted_zone.rb +2 -2
- data/lib/awspec/type/route_table.rb +2 -2
- data/lib/awspec/type/security_group.rb +39 -39
- data/lib/awspec/type/ses_identity.rb +5 -5
- data/lib/awspec/type/subnet.rb +2 -2
- data/lib/awspec/type/vpc.rb +4 -4
- data/lib/awspec/version.rb +1 -1
- metadata +7 -2
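--- a/data/lib/awspec/type/elb.rb
+++ b/data/lib/awspec/type/elb.rb
@@ -3,7 +3,7 @@ module Awspec::Type
 def initialize(id)
 super
 @resource_via_client = find_elb(id)
-@id = @resource_via_client
+@id = @resource_via_client.load_balancer_name if @resource_via_client
 end
 
 health_check_options = %w(
@@ -13,7 +13,7 @@ module Awspec::Type
 
 health_check_options.each do |option|
 define_method 'health_check_' + option do
-@resource_via_client
+@resource_via_client.health_check[option]
 end
 end
 
@@ -25,32 +25,32 @@ module Awspec::Type
 end
 
 def has_security_group?(sg_id)
-sgs = @resource_via_client
+sgs = @resource_via_client.security_groups
 ret = sgs.find do |sg|
 sg == sg_id
 end
 return true if ret
 sg2 = find_security_group(sg_id)
-return false unless sg2.tag_name == sg_id || sg2
+return false unless sg2.tag_name == sg_id || sg2.group_name == sg_id
 sgs.find do |sg|
-sg == sg2
+sg == sg2.group_name
 end
 end
 
 def has_subnet?(subnet_id)
-subnets = @resource_via_client
+subnets = @resource_via_client.subnets
 ret = subnets.find do |s|
 s == subnet_id
 end
 return true if ret
 res = find_subnet(subnet_id)
 ret = subnets.find do |s|
-s == res
+s == res.subnet_id
 end
 end
 
 def has_listener?(protocol:, port:, instance_protocol:, instance_port:)
-@resource_via_client
+@resource_via_client.listener_descriptions.find do |desc|
 listener = desc.listener
 listener.protocol == protocol && listener.load_balancer_port == port && \
 listener.instance_protocol == instance_protocol && listener.instance_port == instance_port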
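Review bot: In has_security_group? the fallback pass compares the load balancer's `security_groups` entries with `sg2.group_name`, while the first pass compares the same entries with the id passed in and the launch-configuration hunk further down this page uses `sg2.group_id`; if the entries are group ids, a lookup by group name or Name tag can never match and the matcher reports a false negative. `find_security_group(sg_id)` is also dereferenced without a nil check, so an unknown group would presumably raise on `sg2.tag_name` instead of returning false. Suggested lines: `return false unless sg2` before the tag/name test, and `sg == sg2.group_id` in the final block. The body of has_listener? continues outside the hunk.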
@@ -3,13 +3,13 @@ module Awspec::Type
|
|
3
3
|
def initialize(id)
|
4
4
|
super
|
5
5
|
@resource_via_client = find_iam_group(id)
|
6
|
-
@id = @resource_via_client
|
6
|
+
@id = @resource_via_client.group_id if @resource_via_client
|
7
7
|
end
|
8
8
|
|
9
9
|
def has_iam_user?(user_id)
|
10
10
|
user = find_iam_user(user_id)
|
11
11
|
return false unless user
|
12
|
-
user_name = user
|
12
|
+
user_name = user.user_name
|
13
13
|
groups = select_iam_group_by_user_name(user_name)
|
14
14
|
groups.find do |group|
|
15
15
|
group.group_id == @id
|
@@ -17,7 +17,7 @@ module Awspec::Type
|
|
17
17
|
end
|
18
18
|
|
19
19
|
def has_iam_policy?(policy_id)
|
20
|
-
policies = select_iam_policy_by_group_name(@resource_via_client
|
20
|
+
policies = select_iam_policy_by_group_name(@resource_via_client.group_name)
|
21
21
|
policies.find do |policy|
|
22
22
|
policy.policy_arn == policy_id || policy.policy_name == policy_id
|
23
23
|
end
|
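Review bot: has_iam_policy? dereferences `@resource_via_client.group_name` unconditionally, although initialize in this same section allows `@resource_via_client` to be nil (`@id = @resource_via_client.group_id if @resource_via_client`). For a group that does not exist the predicate would raise NoMethodError rather than fail as an ordinary expectation; the same pattern appears in the `select_iam_policy_by_role_name` and `select_iam_policy_by_user_name` hunks and in the Lambda `timeout` hunk on this page. A guard such as `return false unless @resource_via_client` at the top of each predicate keeps a missing resource a clean test failure. The body of has_iam_policy? ends outside the hunk.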
@@ -3,7 +3,7 @@ module Awspec::Type
|
|
3
3
|
def initialize(id)
|
4
4
|
super
|
5
5
|
@resource_via_client = find_iam_policy(id)
|
6
|
-
@id = @resource_via_client
|
6
|
+
@id = @resource_via_client.policy_id if @resource_via_client
|
7
7
|
end
|
8
8
|
|
9
9
|
def attachable?
|
@@ -16,7 +16,7 @@ module Awspec::Type
|
|
16
16
|
user = find_iam_user(user_id)
|
17
17
|
return false unless user
|
18
18
|
users.any? do |u|
|
19
|
-
u.user_name == user
|
19
|
+
u.user_name == user.user_name
|
20
20
|
end
|
21
21
|
else
|
22
22
|
!users.empty?
|
@@ -29,7 +29,7 @@ module Awspec::Type
|
|
29
29
|
group = find_iam_group(group_id)
|
30
30
|
return false unless group
|
31
31
|
groups.any? do |g|
|
32
|
-
g.group_name == group
|
32
|
+
g.group_name == group.group_name
|
33
33
|
end
|
34
34
|
else
|
35
35
|
!groups.empty?
|
@@ -42,7 +42,7 @@ module Awspec::Type
|
|
42
42
|
role = find_iam_role(role_id)
|
43
43
|
return false unless role
|
44
44
|
roles.any? do |r|
|
45
|
-
r.role_name == role
|
45
|
+
r.role_name == role.role_name
|
46
46
|
end
|
47
47
|
else
|
48
48
|
!roles.empty?
|
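--- a/data/lib/awspec/type/iam_role.rb
+++ b/data/lib/awspec/type/iam_role.rb
@@ -3,11 +3,11 @@ module Awspec::Type
 def initialize(id)
 super
 @resource_via_client = find_iam_role(id)
-@id = @resource_via_client
+@id = @resource_via_client.role_id if @resource_via_client
 end
 
 def has_iam_policy?(policy_id)
-policies = select_iam_policy_by_role_name(@resource_via_client
+policies = select_iam_policy_by_role_name(@resource_via_client.role_name)
 policies.find do |policy|
 policy.policy_arn == policy_id || policy.policy_name == policy_id
 end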
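--- a/data/lib/awspec/type/iam_user.rb
+++ b/data/lib/awspec/type/iam_user.rb
@@ -3,11 +3,11 @@ module Awspec::Type
 def initialize(id)
 super
 @resource_via_client = find_iam_user(id)
-@id = @resource_via_client
+@id = @resource_via_client.user_id if @resource_via_client
 end
 
 def has_iam_policy?(policy_id)
-policies = select_iam_policy_by_user_name(@resource_via_client
+policies = select_iam_policy_by_user_name(@resource_via_client.user_name)
 policies.find do |policy|
 policy.policy_arn == policy_id || policy.policy_name == policy_id
 end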
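--- a/data/lib/awspec/type/lambda.rb
+++ b/data/lib/awspec/type/lambda.rb
@@ -3,11 +3,11 @@ module Awspec::Type
 def initialize(id)
 super
 @resource_via_client = find_lambda(id)
-@id = @resource_via_client
+@id = @resource_via_client.function_arn if @resource_via_client
 end
 
 def timeout
-@resource_via_client
+@resource_via_client.timeout
 end
 
 def has_event_source?(event_source_arn)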
@@ -3,18 +3,18 @@ module Awspec::Type
|
|
3
3
|
def initialize(id)
|
4
4
|
super
|
5
5
|
@resource_via_client = find_launch_configuration(id)
|
6
|
-
@id = @resource_via_client
|
6
|
+
@id = @resource_via_client.launch_configuration_arn if @resource_via_client
|
7
7
|
end
|
8
8
|
|
9
9
|
def has_security_group?(sg_id)
|
10
|
-
sgs = @resource_via_client
|
10
|
+
sgs = @resource_via_client.security_groups
|
11
11
|
ret = sgs.find do |sg|
|
12
12
|
sg == sg_id
|
13
13
|
end
|
14
14
|
return true if ret
|
15
15
|
sg2 = find_security_group(sg_id)
|
16
16
|
sgs.find do |sg|
|
17
|
-
sg == sg2
|
17
|
+
sg == sg2.group_id
|
18
18
|
end
|
19
19
|
end
|
20
20
|
end
|
@@ -3,7 +3,7 @@ module Awspec::Type
|
|
3
3
|
def initialize(id)
|
4
4
|
super
|
5
5
|
@resource_via_client = find_nat_gateway(id)
|
6
|
-
@id = @resource_via_client
|
6
|
+
@id = @resource_via_client.nat_gateway_id if @resource_via_client
|
7
7
|
end
|
8
8
|
|
9
9
|
STATES = %w(
|
@@ -12,7 +12,7 @@ module Awspec::Type
|
|
12
12
|
|
13
13
|
STATES.each do |state|
|
14
14
|
define_method state.tr('-', '_') + '?' do
|
15
|
-
@resource_via_client
|
15
|
+
@resource_via_client.state == state
|
16
16
|
end
|
17
17
|
end
|
18
18
|
|
@@ -6,7 +6,7 @@ module Awspec::Type
|
|
6
6
|
def initialize(id)
|
7
7
|
super
|
8
8
|
@resource_via_client = find_network_acl(id)
|
9
|
-
@id = @resource_via_client
|
9
|
+
@id = @resource_via_client.network_acl_id if @resource_via_client
|
10
10
|
end
|
11
11
|
|
12
12
|
def has_subnet?(subnet_id)
|
@@ -14,7 +14,7 @@ module Awspec::Type
|
|
14
14
|
next true if a.subnet_id == subnet_id
|
15
15
|
subnet = find_subnet(subnet_id)
|
16
16
|
next false unless subnet
|
17
|
-
next a.subnet_id == subnet
|
17
|
+
next a.subnet_id == subnet.subnet_id
|
18
18
|
end
|
19
19
|
end
|
20
20
|
|
@@ -39,13 +39,13 @@ module Awspec::Type
|
|
39
39
|
end
|
40
40
|
|
41
41
|
def inbound_entries_count
|
42
|
-
@resource_via_client
|
42
|
+
@resource_via_client.entries.count do |entry|
|
43
43
|
entry.egress == false
|
44
44
|
end
|
45
45
|
end
|
46
46
|
|
47
47
|
def outbound_entries_count
|
48
|
-
@resource_via_client
|
48
|
+
@resource_via_client.entries.count do |entry|
|
49
49
|
entry.egress == true
|
50
50
|
end
|
51
51
|
end
|
@@ -71,7 +71,7 @@ module Awspec::Type
|
|
71
71
|
private
|
72
72
|
|
73
73
|
def entry?(rule_action, port = nil, protocol = nil, cidr = nil, rule_number = nil)
|
74
|
-
@resource_via_client
|
74
|
+
@resource_via_client.entries.find do |entry|
|
75
75
|
# egress rule_action
|
76
76
|
next false if entry.egress != @egress
|
77
77
|
next false if entry.rule_action != rule_action
|
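--- a/data/lib/awspec/type/rds.rb
+++ b/data/lib/awspec/type/rds.rb
@@ -5,7 +5,7 @@ module Awspec::Type
 def initialize(id)
 super
 @resource_via_client = find_rds(id)
-@id = @resource_via_client
+@id = @resource_via_client.db_instance_identifier if @resource_via_client
 end
 
 STATES = %w(
@@ -20,12 +20,12 @@ module Awspec::Type
 
 STATES.each do |state|
 define_method state.tr('-', '_') + '?' do
-@resource_via_client
+@resource_via_client.db_instance_status == state
 end
 end
 
 def vpc_id
-@resource_via_client
+@resource_via_client.db_subnet_group.vpc_id
 end
 
 def has_security_group?(sg_id)
@@ -36,54 +36,54 @@ module Awspec::Type
 end
 
 def has_db_parameter_group?(name)
-pgs = @resource_via_client
+pgs = @resource_via_client.db_parameter_groups
 pgs.find do |pg|
-pg
+pg.db_parameter_group_name == name
 end
 end
 
 def has_option_group?(name)
-ogs = @resource_via_client
+ogs = @resource_via_client.option_group_memberships
 ogs.find do |og|
-og
+og.option_group_name == name
 end
 end
 
 private
 
 def has_vpc_security_group_id?(sg_id)
-sgs = @resource_via_client
+sgs = @resource_via_client.vpc_security_groups
 sgs.find do |sg|
-sg
+sg.vpc_security_group_id == sg_id
 end
 end
 
 def has_vpc_security_group_name?(sg_id)
-sgs = @resource_via_client
+sgs = @resource_via_client.vpc_security_groups
 res = ec2_client.describe_security_groups({
 filters: [{ name: 'group-name', values: [sg_id] }]
 })
-return false unless res
+return false unless res.security_groups.count == 1
 sgs.find do |sg|
-sg
+sg.vpc_security_group_id == res.security_groups.first.group_id
 end
 end
 
 def has_vpc_security_group_tag_name?(sg_id)
-sgs = @resource_via_client
+sgs = @resource_via_client.vpc_security_groups
 res = ec2_client.describe_security_groups({
 filters: [{ name: 'tag:Name', values: [sg_id] }]
 })
-return false unless res
+return false unless res.security_groups.count == 1
 sgs.find do |sg|
-sg
+sg.vpc_security_group_id == res.security_groups.first.group_id
 end
 end
 
 def has_db_security_group_name?(sg_id)
-sgs = @resource_via_client
+sgs = @resource_via_client.db_security_groups
 sgs.find do |sg|
-sg
+sg.db_security_group_name == sg_id
 end
 end
 end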
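Review bot: In has_vpc_security_group_name? and has_vpc_security_group_tag_name? the guard `return false unless res.security_groups.count == 1` turns an ambiguous lookup into a plain false. A Name tag is not unique, and a group name is unique only within one VPC, so when the filter matches two or more groups the matcher reports the instance as not attached even when it is attached to one of them. Matching against every returned id avoids the silent false negative: `ids = res.security_groups.map(&:group_id)` followed by `sgs.find { |sg| ids.include?(sg.vpc_security_group_id) }`; alternatively raise on an ambiguous name so the spec author sees why the check failed.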
@@ -3,7 +3,7 @@ module Awspec::Type
|
|
3
3
|
def initialize(id)
|
4
4
|
super
|
5
5
|
@resource_via_client = find_hosted_zone(id)
|
6
|
-
@id = @resource_via_client
|
6
|
+
@id = @resource_via_client.id if @resource_via_client
|
7
7
|
return unless @id
|
8
8
|
@resource_via_client_record_sets = select_record_sets_by_hosted_zone_id(@id)
|
9
9
|
end
|
@@ -13,7 +13,7 @@ module Awspec::Type
|
|
13
13
|
ret = @resource_via_client_record_sets.find do |record_set|
|
14
14
|
# next if record_set.type != type.upcase
|
15
15
|
next unless record_set.type.casecmp(type) == 0
|
16
|
-
options[:ttl] = record_set
|
16
|
+
options[:ttl] = record_set[:ttl] unless options[:ttl]
|
17
17
|
if !record_set.resource_records.empty?
|
18
18
|
v = record_set.resource_records.map { |r| r.value }.join("\n")
|
19
19
|
record_set.name == name && \
|
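Review bot: `options[:ttl] = record_set[:ttl] unless options[:ttl]` writes into the options hash inside the `find` block, so once the first record set of the requested type has supplied a TTL, every later record set is evaluated against that value rather than its own. When the caller gave no TTL, a matching record further down the list could then fail the comparison; the comparison itself lies outside the hunk, so this is inferred from the visible assignment. A block-local value avoids the carry-over and leaves the caller's hash untouched: `ttl = options[:ttl] || record_set[:ttl]`, used in place of `options[:ttl]` in the lines that follow.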
@@ -6,7 +6,7 @@ module Awspec::Type
|
|
6
6
|
def initialize(id)
|
7
7
|
super
|
8
8
|
@resource_via_client = find_route_table(id)
|
9
|
-
@id = @resource_via_client
|
9
|
+
@id = @resource_via_client.route_table_id if @resource_via_client
|
10
10
|
end
|
11
11
|
|
12
12
|
def has_route?(destination,
|
@@ -29,7 +29,7 @@ module Awspec::Type
|
|
29
29
|
subnet = find_subnet(subnet_id)
|
30
30
|
return false unless subnet
|
31
31
|
@resource_via_client.associations.find do |a|
|
32
|
-
a
|
32
|
+
a.subnet_id == subnet.subnet_id
|
33
33
|
end
|
34
34
|
end
|
35
35
|
|
@@ -6,7 +6,7 @@ module Awspec::Type
|
|
6
6
|
super
|
7
7
|
@inbound = true
|
8
8
|
@resource_via_client = find_security_group(id)
|
9
|
-
@id = @resource_via_client
|
9
|
+
@id = @resource_via_client.group_id if @resource_via_client
|
10
10
|
end
|
11
11
|
|
12
12
|
def opened?(port = nil, protocol = nil, cidr = nil)
|
@@ -20,23 +20,23 @@ module Awspec::Type
|
|
20
20
|
end
|
21
21
|
|
22
22
|
def inbound_opened?(port = nil, protocol = nil, cidr = nil)
|
23
|
-
@resource_via_client
|
23
|
+
@resource_via_client.ip_permissions.find do |permission|
|
24
24
|
next true unless port
|
25
|
-
next true unless permission
|
26
|
-
next true unless permission
|
27
|
-
next false unless port_between?(port, permission
|
28
|
-
next false if protocol && permission
|
25
|
+
next true unless permission.from_port
|
26
|
+
next true unless permission.to_port
|
27
|
+
next false unless port_between?(port, permission.from_port, permission.to_port)
|
28
|
+
next false if protocol && permission.ip_protocol != protocol
|
29
29
|
next true unless cidr
|
30
|
-
ret = permission
|
31
|
-
ip_range
|
30
|
+
ret = permission.ip_ranges.select do |ip_range|
|
31
|
+
ip_range.cidr_ip == cidr
|
32
32
|
end
|
33
33
|
next true if ret.count > 0
|
34
|
-
ret = permission
|
35
|
-
next true if sg
|
36
|
-
sg2 = find_security_group(sg
|
37
|
-
next true if sg2
|
38
|
-
sg2
|
39
|
-
tag
|
34
|
+
ret = permission.user_id_group_pairs.select do |sg|
|
35
|
+
next true if sg.group_id == cidr
|
36
|
+
sg2 = find_security_group(sg.group_id)
|
37
|
+
next true if sg2.group_name == cidr
|
38
|
+
sg2.tags.find do |tag|
|
39
|
+
tag.key == 'Name' && tag.value == cidr
|
40
40
|
end
|
41
41
|
end
|
42
42
|
next true if ret.count > 0
|
@@ -44,35 +44,35 @@ module Awspec::Type
|
|
44
44
|
end
|
45
45
|
|
46
46
|
def inbound_opened_only?(port = nil, protocol = nil, cidr = nil)
|
47
|
-
permissions = @resource_via_client
|
48
|
-
port_between?(port, permission
|
47
|
+
permissions = @resource_via_client.ip_permissions.select do |permission|
|
48
|
+
port_between?(port, permission.from_port, permission.to_port)
|
49
49
|
end
|
50
|
-
permissions = permissions.select { |permission| permission
|
50
|
+
permissions = permissions.select { |permission| permission.ip_protocol == protocol }
|
51
51
|
cidrs = []
|
52
52
|
permissions.each do |permission|
|
53
|
-
permission
|
53
|
+
permission.ip_ranges.select { |ip_range| cidrs.push(ip_range.cidr_ip) }
|
54
54
|
end
|
55
55
|
cidrs == Array(cidr)
|
56
56
|
end
|
57
57
|
|
58
58
|
def outbound_opened?(port = nil, protocol = nil, cidr = nil)
|
59
|
-
@resource_via_client
|
59
|
+
@resource_via_client.ip_permissions_egress.find do |permission|
|
60
60
|
next true unless port
|
61
|
-
next true unless permission
|
62
|
-
next true unless permission
|
63
|
-
next false unless port_between?(port, permission
|
64
|
-
next false if protocol && permission
|
61
|
+
next true unless permission.from_port
|
62
|
+
next true unless permission.to_port
|
63
|
+
next false unless port_between?(port, permission.from_port, permission.to_port)
|
64
|
+
next false if protocol && permission.ip_protocol != protocol
|
65
65
|
next true unless cidr
|
66
|
-
ret = permission
|
67
|
-
ip_range
|
66
|
+
ret = permission.ip_ranges.select do |ip_range|
|
67
|
+
ip_range.cidr_ip == cidr
|
68
68
|
end
|
69
69
|
next true if ret.count > 0
|
70
|
-
ret = permission
|
71
|
-
next true if sg
|
72
|
-
sg2 = find_security_group(sg
|
73
|
-
next true if sg2
|
74
|
-
sg2
|
75
|
-
tag
|
70
|
+
ret = permission.user_id_group_pairs.select do |sg|
|
71
|
+
next true if sg.group_id == cidr
|
72
|
+
sg2 = find_security_group(sg.group_id)
|
73
|
+
next true if sg2.group_name == cidr
|
74
|
+
sg2.tags.find do |tag|
|
75
|
+
tag.key == 'Name' && tag.value == cidr
|
76
76
|
end
|
77
77
|
end
|
78
78
|
next true if ret.count > 0
|
@@ -80,13 +80,13 @@ module Awspec::Type
|
|
80
80
|
end
|
81
81
|
|
82
82
|
def outbound_opened_only?(port = nil, protocol = nil, cidr = nil)
|
83
|
-
permissions = @resource_via_client
|
84
|
-
port_between?(port, permission
|
83
|
+
permissions = @resource_via_client.ip_permissions_egress.select do |permission|
|
84
|
+
port_between?(port, permission.from_port, permission.to_port)
|
85
85
|
end
|
86
|
-
permissions = permissions.select { |permission| permission
|
86
|
+
permissions = permissions.select { |permission| permission.ip_protocol == protocol }
|
87
87
|
cidrs = []
|
88
88
|
permissions.each do |permission|
|
89
|
-
permission
|
89
|
+
permission.ip_ranges.select { |ip_range| cidrs.push(ip_range.cidr_ip) }
|
90
90
|
end
|
91
91
|
cidrs == Array(cidr)
|
92
92
|
end
|
@@ -102,23 +102,23 @@ module Awspec::Type
|
|
102
102
|
end
|
103
103
|
|
104
104
|
def ip_permissions_count
|
105
|
-
@resource_via_client
|
105
|
+
@resource_via_client.ip_permissions.count
|
106
106
|
end
|
107
107
|
alias_method :inbound_permissions_count, :ip_permissions_count
|
108
108
|
|
109
109
|
def ip_permissions_egress_count
|
110
|
-
@resource_via_client
|
110
|
+
@resource_via_client.ip_permissions_egress.count
|
111
111
|
end
|
112
112
|
alias_method :outbound_permissions_count, :ip_permissions_egress_count
|
113
113
|
|
114
114
|
def inbound_rule_count
|
115
|
-
@resource_via_client
|
115
|
+
@resource_via_client.ip_permissions.reduce(0) do |sum, permission|
|
116
116
|
sum += permission.ip_ranges.count + permission.user_id_group_pairs.count
|
117
117
|
end
|
118
118
|
end
|
119
119
|
|
120
120
|
def outbound_rule_count
|
121
|
-
@resource_via_client
|
121
|
+
@resource_via_client.ip_permissions_egress.reduce(0) do |sum, permission|
|
122
122
|
sum += permission.ip_ranges.count + permission.user_id_group_pairs.count
|
123
123
|
end
|
124
124
|
end
|
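Review bot: inbound_opened_only? and outbound_opened_only? build `cidrs` from `permission.ip_ranges` alone, so a rule that also admits another security group through `user_id_group_pairs` is not counted and an "opened only" assertion can pass while a second source is allowed. Both methods also filter with `permission.ip_protocol == protocol` when `protocol` is nil, unlike inbound_opened? and outbound_opened?, which treat a nil protocol as "any", and `cidrs == Array(cidr)` depends on the order in which ranges are returned. Suggested lines: `permission.user_id_group_pairs.each { |pair| cidrs.push(pair.group_id) }` next to the ip_ranges line, `next true unless protocol` style handling for the nil case, and `cidrs.sort == Array(cidr).sort` for the comparison.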