RubyGems - convection - Versions diffs - 0.2.13 → 0.2.14 - Mend

convection 0.2.13 → 0.2.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/example/security-groups.rb +37 -0
data/lib/convection/model/template/resource/aws_ec2_security_group.rb +5 -4
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d2a32482c234ff9f7b1e21880c89a908f56e6941
-  data.tar.gz: 2e85ff91a4f8a3113f79dbd4419eb9a8fd40154b
+  metadata.gz: f6ce04b3301441c8a25277d9b0c05c3633dbb25a
+  data.tar.gz: a96ecb3a1dd62ecaee0bce721f5254daeb4ff49f
 SHA512:
-  metadata.gz: b020485dc81ae2cda1f2e144804f2ddd051086c3c1203241e7869877c8a45842d7005de6e5a7f3fbe23040ae83f70cb939c5ed57147a26612611fa3b1a861cb1
-  data.tar.gz: 6573b5f42ec7252432e0b9ac26d29fb4c27286ccdaf5af3d7002920016c04b5ada75932f18e271c4925ba6c642c03fbb33eb90d7bf162ff82b6491741e400bad
+  metadata.gz: 2dd60878873c033ed0e91fb667b824d2cc7df021e4fc0283a64f24a01e5357d4c7015266674c45be13a0ed969e347bfe5327c59fa3dcf5a6c736805e19477ea6
+  data.tar.gz: 95152de7d87ff586342818cb451d4b13f7b81b37af4d12d6b950b755a3451a99ac93082999cc70ee53539f16f649d815d0db64c22a2525045ca0d26300bbf22d

data/example/security-groups.rb CHANGED Viewed

@@ -35,6 +35,43 @@ module Convection
         with_output
       end
+      ec2_security_group 'FoobarEgress' do
+        vpc stack.get('vpc', 'id')
+        description 'Foobar Egress'
+        egress_rule(:tcp, 80, '0.0.0.0/0')
+        egress_rule(:tcp, 443, '0.0.0.0/0')
+        tag 'Name', "sg-foobar-egress-#{ stack.cloud }"
+        tag 'Service', 'foobar'
+        tag 'Resource', 'EC2'
+        tag 'Scope', 'private'
+        tag 'Stack', stack.cloud
+        with_output
+      end
+      ec2_security_group 'FoobarNoEgress' do
+        vpc stack.get('vpc', 'id')
+        description 'Foobar No Egress'
+        # By default, Cloud Formation adds a default egress rule that allows
+        # egress traffic on all ports and IP protocols to any location.  The default
+        # rule is removed only when you specify one or more egress rules.  If you want
+        # to remove the default rule and limit egress traffic to just the localhost,
+        # you can use the following rule:
+        # See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html
+        egress_rule(-1, nil, '127.0.0.1/32')
+        tag 'Name', "sg-foobar-noegress-#{ stack.cloud }"
+        tag 'Service', 'foobar'
+        tag 'Resource', 'EC2'
+        tag 'Scope', 'private'
+        tag 'Stack', stack.cloud
+        with_output
+      end
     end
   end
 end

data/lib/convection/model/template/resource/aws_ec2_security_group.rb CHANGED Viewed

@@ -19,11 +19,12 @@ module Convection
             security_group_ingress << rule
           end
-          def egress_rule(protocol = nil, port = nil, &block)
+          def egress_rule(protocol = nil, port = nil, destination = nil, &block)
             rule = Model::Template::Resource::EC2SecurityGroup::Rule.new("#{ name }EgressGroupRule", @template)
             rule.protocol = protocol unless protocol.nil?
             rule.from = port unless port.nil?
             rule.to = port unless port.nil?
+            rule.destination = destination unless destination.nil?
             rule.instance_exec(&block) if block
             security_group_egress << rule
@@ -62,10 +63,10 @@ module Convection
             def render
               {
-                'IpProtocol' => Mixin::Protocol.lookup(protocol),
-                'FromPort' => from,
-                'ToPort' => to
+                'IpProtocol' => Mixin::Protocol.lookup(protocol)
               }.tap do |rule|
+                rule['FromPort'] = from unless from.nil?
+                rule['ToPort'] = to unless to.nil?
                 rule['CidrIp'] = source unless source.nil?
                 rule['CidrIp'] = destination unless destination.nil?
                 rule['DestinationSecurityGroupId'] = destination_group unless destination_group.nil?

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: convection
 version: !ruby/object:Gem::Version
-  version: 0.2.13
+  version: 0.2.14
 platform: ruby
 authors:
 - John Manero
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-02-05 00:00:00.000000000 Z
+date: 2016-03-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk