awspec 1.19.1 → 1.19.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/doc/resource_types.md +7 -3
  3. data/lib/awspec/type/security_group.rb +44 -0
  4. data/lib/awspec/version.rb +1 -1
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 18795d83f853defad01b4fba21d8c37adde28239a88695fc6092c9cd3c7bda52
4
- data.tar.gz: 4f1e5ca8c45bf66e2eef19db079c68930895b2f8cf4fee283bfb2d09138211e0
3
+ metadata.gz: 0cb0f518cbb9a6fd1719a6ab94547039f8ce88140d1a3536f47813f2c1de866a
4
+ data.tar.gz: 7ac384fb88ba40da139ba7ff562b17b93c2000a89dada4011ad9a3eeda64976a
5
5
  SHA512:
6
- metadata.gz: 17ce9cd02aca06f1ce991448a4e74776d9c795242dfe4297d971cf2cdb97124c4009509c4f2927202081800a3c940aeae627d1548cbd18e9317659b2445ebd92
7
- data.tar.gz: e8a3945166922c258860cc332d802872b47c1dd8551165ec70520cdfaa92734edace4ad9a2b941688771b656a88db2de9bdd313ac75a5f1922d6cdb540a9fce4
6
+ metadata.gz: 027a2d063404ce032e2257d01e520a142152e81c33118d69a8a1a2f8defc9667b50f45362bc9051ef6e08594f47d4d9cc2fcafb64b508ce9e023bbd01a61701f
7
+ data.tar.gz: ad59add2cf039e0e2371b96899106f970c1d0a64ef3a0aca81f54af7f9fa9c5253563cad3772e1579f88837fe227ce34fe5de1cc23c3eba48f4eec8f56d080f8
data/doc/resource_types.md CHANGED
@@ -198,7 +198,7 @@ describe alb_listener('arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:li
198
198
  end
199
199
  ```
200
200
 
201
- ### its(:listener_arn), its(:load_balancer_arn), its(:port), its(:protocol), its(:certificates), its(:ssl_policy)
201
+ ### its(:listener_arn), its(:load_balancer_arn), its(:port), its(:protocol), its(:certificates), its(:ssl_policy), its(:alpn_policy)
202
202
  ## <a name="alb_target_group">alb_target_group</a>
203
203
 
204
204
  AlbTargetGroup resource type.
@@ -1620,7 +1620,7 @@ describe emr('my-emr') do
1620
1620
  end
1621
1621
  ```
1622
1622
 
1623
- ### its(:id), its(:name), its(:instance_collection_type), its(:log_uri), its(:requested_ami_version), its(:running_ami_version), its(:release_label), its(:auto_terminate), its(:termination_protected), its(:visible_to_all_users), its(:service_role), its(:normalized_instance_hours), its(:master_public_dns_name), its(:configurations), its(:security_configuration), its(:auto_scaling_role), its(:scale_down_behavior), its(:custom_ami_id), its(:ebs_root_volume_size), its(:repo_upgrade_on_boot), its(:cluster_arn), its(:outpost_arn), its(:step_concurrency_level)
1623
+ ### its(:id), its(:name), its(:instance_collection_type), its(:log_uri), its(:log_encryption_kms_key_id), its(:requested_ami_version), its(:running_ami_version), its(:release_label), its(:auto_terminate), its(:termination_protected), its(:visible_to_all_users), its(:service_role), its(:normalized_instance_hours), its(:master_public_dns_name), its(:configurations), its(:security_configuration), its(:auto_scaling_role), its(:scale_down_behavior), its(:custom_ami_id), its(:ebs_root_volume_size), its(:repo_upgrade_on_boot), its(:cluster_arn), its(:outpost_arn), its(:step_concurrency_level)
1624
1624
  ## <a name="firehose">firehose</a>
1625
1625
 
1626
1626
  Firehose resource type.
@@ -2591,7 +2591,7 @@ describe nlb_listener('arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:li
2591
2591
  end
2592
2592
  ```
2593
2593
 
2594
- ### its(:listener_arn), its(:load_balancer_arn), its(:port), its(:protocol), its(:certificates), its(:ssl_policy)
2594
+ ### its(:listener_arn), its(:load_balancer_arn), its(:port), its(:protocol), its(:certificates), its(:ssl_policy), its(:alpn_policy)
2595
2595
  ## <a name="nlb_target_group">nlb_target_group</a>
2596
2596
 
2597
2597
  NlbTargetGroup resource type.
@@ -3200,6 +3200,10 @@ end
3200
3200
 
3201
3201
  ### be_outbound_opened_only
3202
3202
 
3203
+ ### have_inbound_rule
3204
+
3205
+ ### have_outbound_rule
3206
+
3203
3207
  ### have_tag
3204
3208
 
3205
3209
  ```ruby
data/lib/awspec/type/security_group.rb CHANGED
@@ -1,4 +1,5 @@
1
1
  module Awspec::Type
2
+ # rubocop:disable Metrics/ClassLength
2
3
  class SecurityGroup < ResourceBase
3
4
  aws_resource Aws::EC2::SecurityGroup
4
5
  tags_allowed
@@ -75,12 +76,24 @@ module Awspec::Type
75
76
  end
76
77
  alias_method :outbound_permissions_count, :ip_permissions_egress_count
77
78
 
79
+ def has_inbound_rule?(rule)
80
+ resource_via_client.ip_permissions.find do |permission|
81
+ sg_rule_match?(permission, rule)
82
+ end
83
+ end
84
+
78
85
  def inbound_rule_count
79
86
  resource_via_client.ip_permissions.reduce(0) do |sum, permission|
80
87
  sum += permission.ip_ranges.count + permission.user_id_group_pairs.count
81
88
  end
82
89
  end
83
90
 
91
+ def has_outbound_rule?(rule)
92
+ resource_via_client.ip_permissions_egress.find do |permission|
93
+ sg_rule_match?(permission, rule)
94
+ end
95
+ end
96
+
84
97
  def outbound_rule_count
85
98
  resource_via_client.ip_permissions_egress.reduce(0) do |sum, permission|
86
99
  sum += permission.ip_ranges.count + permission.user_id_group_pairs.count
@@ -144,5 +157,36 @@ module Awspec::Type
144
157
  port.between?(from_port, to_port)
145
158
  end
146
159
  end
160
+
161
+ def sg_rule_match?(permission, rule)
162
+ rule[:ip_protocol] = '-1' if rule[:ip_protocol] == 'all'
163
+ return false unless permission.ip_protocol == rule[:ip_protocol]
164
+ return false unless permission.ip_protocol == '-1' || permission.from_port == rule[:from_port]
165
+ return false unless permission.ip_protocol == '-1' || permission.to_port == rule[:to_port]
166
+
167
+ if rule[:ip_range]
168
+ return false unless permission.ip_ranges.find do |ip_range|
169
+ ip_range.cidr_ip == rule[:ip_range]
170
+ end
171
+ elsif rule[:group_pair]
172
+ return false unless permission.user_id_group_pairs.find do |pair|
173
+ group_pair_match?(pair, rule[:group_pair])
174
+ end
175
+ end
176
+ true
177
+ end
178
+
179
+ def group_pair_match?(actual_pair, rule_pair)
180
+ return false unless actual_pair.group_id == rule_pair[:group_id] || rule_pair[:group_id].nil?
181
+ return false unless actual_pair.group_name == rule_pair[:group_name] || rule_pair[:group_name].nil?
182
+ return false unless actual_pair.user_id == rule_pair[:user_id] || rule_pair[:user_id].nil?
183
+ return false unless actual_pair.vpc_id == rule_pair[:vpc_id] || rule_pair[:vpc_id].nil?
184
+ return false unless
185
+ actual_pair.vpc_peering_connection_id == rule_pair[:vpc_peering_connection_id] ||
186
+ rule_pair[:vpc_peering_connection_id].nil?
187
+ return false unless actual_pair.peering_status == rule_pair[:peering_status] || rule_pair[:peering_status].nil?
188
+ true
189
+ end
147
190
  end
191
+ # rubocop:enable Metrics/ClassLength
148
192
  end
data/lib/awspec/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Awspec
2
- VERSION = '1.19.1'
2
+ VERSION = '1.19.2'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: awspec
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.19.1
4
+ version: 1.19.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - k1LoW
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2020-05-28 00:00:00.000000000 Z
11
+ date: 2020-06-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk