fog-aws 0.1.0 → 0.1.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (42) hide show
  1. checksums.yaml +4 -4
  2. data/lib/fog/aws/dns.rb +14 -1
  3. data/lib/fog/aws/iam.rb +9 -0
  4. data/lib/fog/aws/models/compute/flavors.rb +50 -0
  5. data/lib/fog/aws/models/dns/records.rb +14 -20
  6. data/lib/fog/aws/models/dns/zones.rb +1 -1
  7. data/lib/fog/aws/models/storage/file.rb +28 -3
  8. data/lib/fog/aws/models/storage/files.rb +5 -0
  9. data/lib/fog/aws/parsers/.DS_Store +0 -0
  10. data/lib/fog/aws/parsers/iam/list_managed_policies.rb +29 -0
  11. data/lib/fog/aws/parsers/iam/policy_parser.rb +57 -0
  12. data/lib/fog/aws/parsers/iam/single_policy.rb +27 -0
  13. data/lib/fog/aws/rds.rb +3 -1
  14. data/lib/fog/aws/requests/.DS_Store +0 -0
  15. data/lib/fog/aws/requests/compute/authorize_security_group_ingress.rb +67 -62
  16. data/lib/fog/aws/requests/compute/delete_security_group.rb +42 -28
  17. data/lib/fog/aws/requests/dns/change_resource_record_sets.rb +20 -20
  18. data/lib/fog/aws/requests/dns/create_hosted_zone.rb +1 -3
  19. data/lib/fog/aws/requests/dns/delete_hosted_zone.rb +5 -7
  20. data/lib/fog/aws/requests/dns/get_change.rb +11 -16
  21. data/lib/fog/aws/requests/dns/get_hosted_zone.rb +1 -3
  22. data/lib/fog/aws/requests/dns/list_resource_record_sets.rb +7 -12
  23. data/lib/fog/aws/requests/dynamodb/scan.rb +2 -1
  24. data/lib/fog/aws/requests/iam/attach_group_policy.rb +32 -0
  25. data/lib/fog/aws/requests/iam/attach_role_policy.rb +32 -0
  26. data/lib/fog/aws/requests/iam/attach_user_policy.rb +32 -0
  27. data/lib/fog/aws/requests/iam/create_policy.rb +47 -0
  28. data/lib/fog/aws/requests/iam/delete_policy.rb +30 -0
  29. data/lib/fog/aws/requests/iam/detach_group_policy.rb +32 -0
  30. data/lib/fog/aws/requests/iam/detach_role_policy.rb +32 -0
  31. data/lib/fog/aws/requests/iam/detach_user_policy.rb +32 -0
  32. data/lib/fog/aws/requests/iam/list_policies.rb +47 -0
  33. data/lib/fog/aws/requests/storage/head_object_url.rb +40 -0
  34. data/lib/fog/aws/storage.rb +1 -0
  35. data/lib/fog/aws/version.rb +1 -1
  36. data/tests/models/compute/security_group_tests.rb +11 -1
  37. data/tests/models/storage/file_tests.rb +29 -0
  38. data/tests/requests/compute/security_group_tests.rb +9 -0
  39. data/tests/requests/dns/dns_tests.rb +29 -42
  40. data/tests/requests/iam/managed_policy_tests.rb +91 -0
  41. data/tests/requests/storage/object_tests.rb +6 -0
  42. metadata +18 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 22f2c524c85c86ab1668a6852c9c6c4f22545f45
4
- data.tar.gz: 790fb6ee76f14d24586006db89bcd96a6f890e2e
3
+ metadata.gz: cdc745bb5b1444b37a5fd7c9ab29afe8aca65eec
4
+ data.tar.gz: 412dec3ceb7f2afc1232ba1115b8b09bdafd5b59
5
5
  SHA512:
6
- metadata.gz: 09ac54ca56bc9da50d39ee43c762a4837daa9fb5a2c6617c75d11adb191a18ed863d339e141f257edec655e03475772065d0237e210776223723700257fa8df7
7
- data.tar.gz: 2606b75208e8cf01a729b8ae2ab930619c2b1b021925ffa67d087657ced1a8ec714bb4a917095ea7ca3787eb8499c68e2480358fc0615c8e31a5fa945874762b
6
+ metadata.gz: b711a8189322c47c11ab9ff818302657fff403f14062169663f4914f7efc58a6aa706e826fdc21a3b2bac0cccc6974c7cb7f985323e0ceda3cfccb97efcd552c
7
+ data.tar.gz: 0254a3121c9fed3f257634c80f06939e6b6008adcddc8ac873d3a3c57ae70a8e0942a2f42a670cd9a88dfc2a1c56b77ade2ffa3a70d8f96ae8a6d4a61aa4fa38
data/lib/fog/aws/dns.rb CHANGED
@@ -79,7 +79,7 @@ module Fog
79
79
  # :aws_secret_access_key in order to create a connection
80
80
  #
81
81
  # ==== Examples
82
- # dns = Fog::AWS::DNS.new(
82
+ # dns = Fog::DNS::AWS.new(
83
83
  # :aws_access_key_id => your_aws_access_key_id,
84
84
  # :aws_secret_access_key => your_aws_secret_access_key
85
85
  # )
@@ -141,6 +141,19 @@ module Fog
141
141
 
142
142
  def _request(params, &block)
143
143
  @connection.request(params, &block)
144
+ rescue Excon::Errors::HTTPStatusError => error
145
+ match = Fog::AWS::Errors.match_error(error)
146
+
147
+ if match.empty?
148
+ raise
149
+ else
150
+ case match[:code]
151
+ when 'NoSuchHostedZone', 'NoSuchChange' then
152
+ Fog::DNS::AWS::NotFound.slurp(error, match[:message])
153
+ else
154
+ Fog::DNS::AWS::Error.slurp(error, "#{match[:code]} => #{match[:message]}")
155
+ end
156
+ end
144
157
  end
145
158
 
146
159
  def signature(params)
data/lib/fog/aws/iam.rb CHANGED
@@ -17,11 +17,15 @@ module Fog
17
17
  request_path 'fog/aws/requests/iam'
18
18
  request :add_user_to_group
19
19
  request :add_role_to_instance_profile
20
+ request :attach_group_policy
21
+ request :attach_role_policy
22
+ request :attach_user_policy
20
23
  request :create_access_key
21
24
  request :create_account_alias
22
25
  request :create_group
23
26
  request :create_instance_profile
24
27
  request :create_login_profile
28
+ request :create_policy
25
29
  request :create_role
26
30
  request :create_user
27
31
  request :delete_access_key
@@ -31,12 +35,16 @@ module Fog
31
35
  request :delete_group_policy
32
36
  request :delete_instance_profile
33
37
  request :delete_login_profile
38
+ request :delete_policy
34
39
  request :delete_role
35
40
  request :delete_role_policy
36
41
  request :delete_server_certificate
37
42
  request :delete_signing_certificate
38
43
  request :delete_user
39
44
  request :delete_user_policy
45
+ request :detach_group_policy
46
+ request :detach_role_policy
47
+ request :detach_user_policy
40
48
  request :get_account_summary
41
49
  request :get_account_password_policy
42
50
  request :get_group
@@ -56,6 +64,7 @@ module Fog
56
64
  request :list_instance_profiles
57
65
  request :list_instance_profiles_for_role
58
66
  request :list_mfa_devices
67
+ request :list_policies
59
68
  request :list_roles
60
69
  request :list_role_policies
61
70
  request :list_server_certificates
data/lib/fog/aws/models/compute/flavors.rb CHANGED
@@ -155,6 +155,56 @@ module Fog
155
155
  :ebs_optimized_available => false,
156
156
  :instance_store_volumes => 2
157
157
  },
158
+ {
159
+ :id => 'c4.large',
160
+ :name => 'C4 Large',
161
+ :bits => 64,
162
+ :cores => 7,
163
+ :disk => 32,
164
+ :ram => 3750,
165
+ :ebs_optimized_available => true,
166
+ :instance_store_volumes => 2
167
+ },
168
+ {
169
+ :id => 'c4.xlarge',
170
+ :name => 'C4 Extra Large',
171
+ :bits => 64,
172
+ :cores => 14,
173
+ :disk => 80,
174
+ :ram => 7168,
175
+ :ebs_optimized_available => true,
176
+ :instance_store_volumes => 2
177
+ },
178
+ {
179
+ :id => 'c4.2xlarge',
180
+ :name => 'C4 Double Extra Large',
181
+ :bits => 64,
182
+ :cores => 28,
183
+ :disk => 160,
184
+ :ram => 15360,
185
+ :ebs_optimized_available => true,
186
+ :instance_store_volumes => 2
187
+ },
188
+ {
189
+ :id => 'c4.4xlarge',
190
+ :name => 'C4 Quadruple Extra Large',
191
+ :bits => 64,
192
+ :cores => 55,
193
+ :disk => 320,
194
+ :ram => 30720,
195
+ :ebs_optimized_available => true,
196
+ :instance_store_volumes => 2
197
+ },
198
+ {
199
+ :id => 'c4.8xlarge',
200
+ :name => 'C4 Eight Extra Large',
201
+ :bits => 64,
202
+ :cores => 122,
203
+ :disk => 640,
204
+ :ram => 61440,
205
+ :ebs_optimized_available => false,
206
+ :instance_store_volumes => 2
207
+ },
158
208
  {
159
209
  :id => 'g2.2xlarge',
160
210
  :name => 'GPU Double Extra Large',
data/lib/fog/aws/models/dns/records.rb CHANGED
@@ -81,32 +81,26 @@ module Fog
81
81
  record_type = record_type.upcase unless record_type.nil?
82
82
 
83
83
  options = {
84
- :max_items => 1,
85
- :name => record_name,
86
- :type => record_type,
84
+ :max_items => 1,
85
+ :name => record_name,
86
+ :type => record_type,
87
87
  :identifier => record_identifier
88
88
  }
89
89
  options.delete_if {|key, value| value.nil?}
90
90
 
91
91
  data = service.list_resource_record_sets(zone.id, options).body
92
- # Get first record
93
- data = data['ResourceRecordSets'].shift
94
-
95
- if data
96
- record = new(data)
97
- # make sure everything matches
98
- if record.name == record_name
99
- if (!record_type.nil? && record.type != record_type) ||
100
- (!record_identifier.nil? && record.set_identifier != record_identifier)
101
- nil
102
- else
103
- record
104
- end
92
+
93
+ # look for an exact match in the records
94
+ (data['ResourceRecordSets'] || []).map do |record_data|
95
+ record = new(record_data)
96
+
97
+ if (record.name == record_name) &&
98
+ (record_type.nil? || (record.type == record_type)) &&
99
+ (record_identifier.nil? || (record.set_identifier == record_identifier))
100
+ record
105
101
  end
106
- else
107
- nil
108
- end
109
- rescue Excon::Errors::NotFound
102
+ end.compact.first
103
+ rescue Fog::DNS::AWS::NotFound
110
104
  nil
111
105
  end
112
106
 
data/lib/fog/aws/models/dns/zones.rb CHANGED
@@ -20,7 +20,7 @@ module Fog
20
20
  def get(zone_id)
21
21
  data = service.get_hosted_zone(zone_id).body
22
22
  new(data)
23
- rescue Excon::Errors::NotFound
23
+ rescue Fog::DNS::AWS::NotFound
24
24
  nil
25
25
  end
26
26
  end
data/lib/fog/aws/models/storage/file.rb CHANGED
@@ -23,6 +23,7 @@ module Fog
23
23
  attribute :owner, :aliases => 'Owner'
24
24
  attribute :storage_class, :aliases => ['x-amz-storage-class', 'StorageClass']
25
25
  attribute :encryption, :aliases => 'x-amz-server-side-encryption'
26
+ attribute :encryption_key, :aliases => 'x-amz-server-side-encryption-customer-key'
26
27
  attribute :version, :aliases => 'x-amz-version-id'
27
28
 
28
29
  # @note Chunk size to use for multipart uploads.
@@ -199,7 +200,7 @@ module Fog
199
200
  options['Expires'] = expires if expires
200
201
  options.merge!(metadata)
201
202
  options['x-amz-storage-class'] = storage_class if storage_class
202
- options['x-amz-server-side-encryption'] = encryption if encryption
203
+ options.merge!(encryption_headers)
203
204
 
204
205
  if multipart_chunk_size && body.respond_to?(:read)
205
206
  data = multipart_save(options)
@@ -261,8 +262,7 @@ module Fog
261
262
  body.rewind rescue nil
262
263
  end
263
264
  while (chunk = body.read(multipart_chunk_size)) do
264
- md5 = Base64.encode64(Digest::MD5.digest(chunk)).strip
265
- part_upload = service.upload_part(directory.key, key, upload_id, part_tags.size + 1, chunk, 'Content-MD5' => md5 )
265
+ part_upload = service.upload_part(directory.key, key, upload_id, part_tags.size + 1, chunk, part_headers(chunk, options))
266
266
  part_tags << part_upload.headers["ETag"]
267
267
  end
268
268
 
@@ -274,6 +274,31 @@ module Fog
274
274
  # Complete the upload
275
275
  service.complete_multipart_upload(directory.key, key, upload_id, part_tags)
276
276
  end
277
+
278
+ def encryption_headers
279
+ if encryption && encryption_key
280
+ encryption_customer_key_headers
281
+ elsif encryption
282
+ { 'x-amz-server-side-encryption' => encryption }
283
+ else
284
+ {}
285
+ end
286
+ end
287
+
288
+ def part_headers(chunk, options)
289
+ md5 = Base64.encode64(Digest::MD5.digest(chunk)).strip
290
+ encryption_keys = encryption_customer_key_headers.keys
291
+ encryption_headers = options.select { |key| encryption_keys.include?(key) }
292
+ { 'Content-MD5' => md5 }.merge(encryption_headers)
293
+ end
294
+
295
+ def encryption_customer_key_headers
296
+ {
297
+ 'x-amz-server-side-encryption-customer-algorithm' => encryption,
298
+ 'x-amz-server-side-encryption-customer-key' => Base64.encode64(encryption_key.to_s).chomp!,
299
+ 'x-amz-server-side-encryption-customer-key-md5' => Base64.encode64(Digest::MD5.digest(encryption_key.to_s)).chomp!
300
+ }
301
+ end
277
302
  end
278
303
  end
279
304
  end
data/lib/fog/aws/models/storage/files.rb CHANGED
@@ -92,6 +92,11 @@ module Fog
92
92
  service.get_object_https_url(directory.key, key, expires, options)
93
93
  end
94
94
 
95
+ def head_url(key, expires, options = {})
96
+ requires :directory
97
+ service.head_object_url(directory.key, key, expires, options)
98
+ end
99
+
95
100
  def head(key, options = {})
96
101
  requires :directory
97
102
  data = service.head_object(directory.key, key, options)
data/lib/fog/aws/parsers/iam/list_managed_policies.rb ADDED
@@ -0,0 +1,29 @@
1
+ module Fog
2
+ module Parsers
3
+ module AWS
4
+ module IAM
5
+ require 'fog/aws/parsers/iam/policy_parser'
6
+ class ListManagedPolicies < Fog::Parsers::AWS::IAM::PolicyParser
7
+ def reset
8
+ super
9
+ @response = { 'Policies' => [] , 'Marker' => '', 'IsTruncated' => false}
10
+ end
11
+
12
+ def finished_policy(policy)
13
+ @response['Policies'] << policy
14
+ end
15
+
16
+ def end_element(name)
17
+ case name
18
+ when 'RequestId', 'Marker'
19
+ @response[name] = value
20
+ when 'IsTruncated'
21
+ @response[name] = (value == 'true')
22
+ end
23
+ super
24
+ end
25
+ end
26
+ end
27
+ end
28
+ end
29
+ end
data/lib/fog/aws/parsers/iam/policy_parser.rb ADDED
@@ -0,0 +1,57 @@
1
+ module Fog
2
+ module Parsers
3
+ module AWS
4
+ module IAM
5
+ class PolicyParser < Fog::Parsers::Base
6
+ def reset
7
+ @policy = fresh_policy
8
+ @stack = []
9
+ end
10
+
11
+ def start_element(name,attrs = [])
12
+ case name
13
+ when 'Policies'
14
+ @stack << name
15
+ when 'Policy'
16
+ @role =fresh_policy
17
+ when 'member'
18
+ if @stack.last == 'Policies'
19
+ @role = fresh_policy
20
+ end
21
+ end
22
+ super
23
+ end
24
+
25
+ def fresh_policy
26
+ {'AttachmentCount' => 0, 'Description' => ''}
27
+ end
28
+
29
+ def end_element(name)
30
+ case name
31
+ when 'Arn', 'DefaultVersionId', 'Description', 'Path', 'PolicyName', 'PolicyId'
32
+ @policy[name] = value
33
+ when 'CreateDate', 'UpdateDate'
34
+ @policy[name] = Time.parse(value)
35
+ when 'IsAttachable'
36
+ @policy[name] = (value == 'true')
37
+ when 'AttachmentCount'
38
+ @policy[name] = value.to_i
39
+ when 'Policy'
40
+ finished_policy(@policy)
41
+ @policy = nil
42
+ when 'Policies'
43
+ if @stack.last == 'Policies'
44
+ @stack.pop
45
+ end
46
+ when 'member'
47
+ if @stack.last == 'Policies'
48
+ finished_policy(@policy)
49
+ @policy = nil
50
+ end
51
+ end
52
+ end
53
+ end
54
+ end
55
+ end
56
+ end
57
+ end
data/lib/fog/aws/parsers/iam/single_policy.rb ADDED
@@ -0,0 +1,27 @@
1
+ module Fog
2
+ module Parsers
3
+ module AWS
4
+ module IAM
5
+ require 'fog/aws/parsers/iam/policy_parser'
6
+ class SinglePolicy < Fog::Parsers::AWS::IAM::PolicyParser
7
+ def reset
8
+ super
9
+ @response = { 'Policy' => {} }
10
+ end
11
+
12
+ def finished_policy(policy)
13
+ @response['Policy'] = policy
14
+ end
15
+
16
+ def end_element(name)
17
+ case name
18
+ when 'RequestId'
19
+ @response[name] = value
20
+ end
21
+ super
22
+ end
23
+ end
24
+ end
25
+ end
26
+ end
27
+ end
data/lib/fog/aws/rds.rb CHANGED
@@ -126,11 +126,13 @@ module Fog
126
126
 
127
127
  def initialize(options={})
128
128
  @use_iam_profile = options[:use_iam_profile]
129
- @region = options[:region] || 'us-east-1'
129
+ @region = options[:region] || 'us-east-1'
130
130
 
131
131
  unless ['ap-northeast-1', 'ap-southeast-1', 'ap-southeast-2', 'eu-central-1', 'eu-west-1', 'us-east-1', 'us-west-1', 'us-west-2', 'sa-east-1'].include?(@region)
132
132
  raise ArgumentError, "Unknown region: #{@region.inspect}"
133
133
  end
134
+
135
+ setup_credentials(options)
134
136
  end
135
137
 
136
138
  def data
data/lib/fog/aws/requests/compute/authorize_security_group_ingress.rb CHANGED
@@ -87,43 +87,39 @@ module Fog
87
87
  end
88
88
 
89
89
  response = Excon::Response.new
90
- group = self.data[:security_groups][group_name]
90
+ group = self.data[:security_groups][group_name] || raise(Fog::Compute::AWS::NotFound.new("The security group '#{group_name}' does not exist"))
91
91
 
92
- if group
93
- verify_permission_options(options, group['vpcId'] != nil)
92
+ verify_permission_options(options, group['vpcId'] != nil)
94
93
 
95
- normalized_permissions = normalize_permissions(options)
94
+ normalized_permissions = normalize_permissions(options)
96
95
 
97
- normalized_permissions.each do |permission|
98
- if matching_group_permission = find_matching_permission(group, permission)
99
- if permission['groups'].any? {|pg| matching_group_permission['groups'].include?(pg) }
100
- raise Fog::Compute::AWS::Error, "InvalidPermission.Duplicate => The permission '123' has already been authorized in the specified group"
101
- end
102
-
103
- if permission['ipRanges'].any? {|pr| matching_group_permission['ipRanges'].include?(pr) }
104
- raise Fog::Compute::AWS::Error, "InvalidPermission.Duplicate => The permission '123' has already been authorized in the specified group"
105
- end
96
+ normalized_permissions.each do |permission|
97
+ if matching_group_permission = find_matching_permission(group, permission)
98
+ if permission['groups'].any? {|pg| matching_group_permission['groups'].include?(pg) }
99
+ raise Fog::Compute::AWS::Error, "InvalidPermission.Duplicate => The permission '123' has already been authorized in the specified group"
106
100
  end
107
- end
108
101
 
109
- normalized_permissions.each do |permission|
110
- if matching_group_permission = find_matching_permission(group, permission)
111
- matching_group_permission['groups'] += permission['groups']
112
- matching_group_permission['ipRanges'] += permission['ipRanges']
113
- else
114
- group['ipPermissions'] << permission
102
+ if permission['ipRanges'].any? {|pr| matching_group_permission['ipRanges'].include?(pr) }
103
+ raise Fog::Compute::AWS::Error, "InvalidPermission.Duplicate => The permission '123' has already been authorized in the specified group"
115
104
  end
116
105
  end
106
+ end
117
107
 
118
- response.status = 200
119
- response.body = {
120
- 'requestId' => Fog::AWS::Mock.request_id,
121
- 'return' => true
122
- }
123
- response
124
- else
125
- raise Fog::Compute::AWS::NotFound.new("The security group '#{group_name}' does not exist")
108
+ normalized_permissions.each do |permission|
109
+ if matching_group_permission = find_matching_permission(group, permission)
110
+ matching_group_permission['groups'] += permission['groups']
111
+ matching_group_permission['ipRanges'] += permission['ipRanges']
112
+ else
113
+ group['ipPermissions'] << permission
114
+ end
126
115
  end
116
+
117
+ response.status = 200
118
+ response.body = {
119
+ 'requestId' => Fog::AWS::Mock.request_id,
120
+ 'return' => true
121
+ }
122
+ response
127
123
  end
128
124
 
129
125
  private
@@ -158,58 +154,67 @@ module Fog
158
154
  ['tcp', 'udp'].each do |protocol|
159
155
  normalized_permissions << {
160
156
  'ipProtocol' => protocol,
161
- 'fromPort' => 1,
162
- 'toPort' => 65535,
163
- 'groups' => [{'groupName' => options['SourceSecurityGroupName'], 'userId' => options['SourceSecurityGroupOwnerId'] || self.data[:owner_id], 'groupId' => source_group_id }],
164
- 'ipRanges' => []
157
+ 'fromPort' => 1,
158
+ 'toPort' => 65535,
159
+ 'groups' => [{
160
+ 'groupName' => options['SourceSecurityGroupName'],
161
+ 'userId' => options['SourceSecurityGroupOwnerId'] || self.data[:owner_id],
162
+ 'groupId' => source_group_id
163
+ }],
164
+ 'ipRanges' => []
165
165
  }
166
166
  end
167
167
  normalized_permissions << {
168
168
  'ipProtocol' => 'icmp',
169
- 'fromPort' => -1,
170
- 'toPort' => -1,
171
- 'groups' => [{'groupName' => options['SourceSecurityGroupName'], 'userId' => options['SourceSecurityGroupOwnerId'] || self.data[:owner_id], 'groupId' => source_group_id }],
169
+ 'fromPort' => -1,
170
+ 'toPort' => -1,
171
+ 'groups' => [{
172
+ 'groupName' => options['SourceSecurityGroupName'],
173
+ 'userId' => options['SourceSecurityGroupOwnerId'] || self.data[:owner_id],
174
+ 'groupId' => source_group_id
175
+ }],
172
176
  'ipRanges' => []
173
177
  }
174
178
  elsif options['CidrIp']
175
179
  normalized_permissions << {
176
180
  'ipProtocol' => options['IpProtocol'],
177
- 'fromPort' => Integer(options['FromPort']),
178
- 'toPort' => Integer(options['ToPort']),
179
- 'groups' => [],
180
- 'ipRanges' => [{'cidrIp' => options['CidrIp']}]
181
+ 'fromPort' => Integer(options['FromPort']),
182
+ 'toPort' => Integer(options['ToPort']),
183
+ 'groups' => [],
184
+ 'ipRanges' => [{'cidrIp' => options['CidrIp']}]
181
185
  }
182
186
  elsif options['IpPermissions']
183
187
  options['IpPermissions'].each do |permission|
188
+
189
+ groups = (permission['Groups'] || []).map do |authorized_group|
190
+ security_group = if group_name = authorized_group['GroupName']
191
+ self.data[:security_groups][group_name]
192
+ elsif group_id = authorized_group['GroupId']
193
+ self.data[:security_groups].values.find { |sg| sg['groupId'] == group_id }
194
+ end ||
195
+ raise(Fog::Compute::AWS::NotFound.new("The security group '#{group_name || group_id}' does not exist"))
196
+
197
+ {
198
+ 'groupName' => authorized_group['GroupName'] || security_group["groupName"],
199
+ 'userId' => authorized_group['UserId'] || self.data[:owner_id],
200
+ 'groupId' => authorized_group["GroupId"] || security_group['groupId']
201
+ }
202
+ end
203
+
204
+
184
205
  if ['tcp', 'udp', 'icmp'].include?(permission['IpProtocol'])
185
206
  normalized_permissions << {
186
207
  'ipProtocol' => permission['IpProtocol'],
187
- 'fromPort' => Integer(permission['FromPort']),
188
- 'toPort' => Integer(permission['ToPort']),
189
- 'groups' => (permission['Groups'] || []).map do |authorized_group|
190
- security_group = if group_name = authorized_group['GroupName']
191
- self.data[:security_groups][group_name] || {}
192
- elsif group_id = authorized_group['GroupId']
193
- self.data[:security_groups].values.find { |sg| sg['groupId'] == group_id } || {}
194
- end
195
-
196
- {'groupName' => authorized_group['GroupName'] || security_group["groupName"], 'userId' => authorized_group['UserId'] || self.data[:owner_id], 'groupId' => authorized_group["GroupId"] || security_group['groupId']}
197
- end,
208
+ 'fromPort' => Integer(permission['FromPort']),
209
+ 'toPort' => Integer(permission['ToPort']),
210
+ 'groups' => groups,
198
211
  'ipRanges' => (permission['IpRanges'] || []).map {|r| { 'cidrIp' => r['CidrIp'] } }
199
212
  }
200
213
  else
201
214
  normalized_permissions << {
202
215
  'ipProtocol' => permission['IpProtocol'],
203
- 'groups' => (permission['Groups'] || []).map do |authorized_group|
204
- security_group = if group_name = authorized_group['GroupName']
205
- self.data[:security_groups][group_name] || {}
206
- elsif group_id = authorized_group['GroupId']
207
- self.data[:security_groups].values.find { |sg| sg['groupId'] == group_id } || {}
208
- end
209
-
210
- {'groupName' => authorized_group['GroupName'] || security_group["groupName"], 'userId' => authorized_group['UserId'] || self.data[:owner_id], 'groupId' => authorized_group["GroupId"] || security_group['groupId']}
211
- end,
212
- 'ipRanges' => (permission['IpRanges'] || []).map {|r| { 'cidrIp' => r['CidrIp'] } }
216
+ 'groups' => groups,
217
+ 'ipRanges' => (permission['IpRanges'] || []).map {|r| { 'cidrIp' => r['CidrIp'] } }
213
218
  }
214
219
  end
215
220
  end
@@ -221,8 +226,8 @@ module Fog
221
226
  def find_matching_permission(group, permission)
222
227
  group['ipPermissions'].find {|group_permission|
223
228
  permission['ipProtocol'] == group_permission['ipProtocol'] &&
224
- permission['fromPort'] == group_permission['fromPort'] &&
225
- permission['toPort'] == group_permission['toPort'] }
229
+ permission['fromPort'] == group_permission['fromPort'] &&
230
+ permission['toPort'] == group_permission['toPort'] }
226
231
  end
227
232
  end
228
233
  end