revans_right_aws 2.0.1
- data/.gemtest +0 -0
- data/History.txt +284 -0
- data/Manifest.txt +50 -0
- data/README.txt +167 -0
- data/Rakefile +110 -0
- data/lib/acf/right_acf_interface.rb +485 -0
- data/lib/acf/right_acf_origin_access_identities.rb +230 -0
- data/lib/acf/right_acf_streaming_interface.rb +236 -0
- data/lib/acw/right_acw_interface.rb +249 -0
- data/lib/as/right_as_interface.rb +699 -0
- data/lib/awsbase/benchmark_fix.rb +39 -0
- data/lib/awsbase/right_awsbase.rb +978 -0
- data/lib/awsbase/support.rb +115 -0
- data/lib/ec2/right_ec2.rb +395 -0
- data/lib/ec2/right_ec2_ebs.rb +452 -0
- data/lib/ec2/right_ec2_images.rb +373 -0
- data/lib/ec2/right_ec2_instances.rb +755 -0
- data/lib/ec2/right_ec2_monitoring.rb +70 -0
- data/lib/ec2/right_ec2_reserved_instances.rb +170 -0
- data/lib/ec2/right_ec2_security_groups.rb +277 -0
- data/lib/ec2/right_ec2_spot_instances.rb +399 -0
- data/lib/ec2/right_ec2_vpc.rb +571 -0
- data/lib/elb/right_elb_interface.rb +496 -0
- data/lib/rds/right_rds_interface.rb +998 -0
- data/lib/right_aws.rb +83 -0
- data/lib/s3/right_s3.rb +1126 -0
- data/lib/s3/right_s3_interface.rb +1199 -0
- data/lib/sdb/active_sdb.rb +1122 -0
- data/lib/sdb/right_sdb_interface.rb +721 -0
- data/lib/sqs/right_sqs.rb +388 -0
- data/lib/sqs/right_sqs_gen2.rb +343 -0
- data/lib/sqs/right_sqs_gen2_interface.rb +524 -0
- data/lib/sqs/right_sqs_interface.rb +594 -0
- data/test/acf/test_helper.rb +2 -0
- data/test/acf/test_right_acf.rb +138 -0
- data/test/ec2/test_helper.rb +2 -0
- data/test/ec2/test_right_ec2.rb +108 -0
- data/test/http_connection.rb +87 -0
- data/test/rds/test_helper.rb +2 -0
- data/test/rds/test_right_rds.rb +120 -0
- data/test/s3/test_helper.rb +2 -0
- data/test/s3/test_right_s3.rb +421 -0
- data/test/s3/test_right_s3_stubbed.rb +97 -0
- data/test/sdb/test_active_sdb.rb +357 -0
- data/test/sdb/test_helper.rb +3 -0
- data/test/sdb/test_right_sdb.rb +253 -0
- data/test/sqs/test_helper.rb +2 -0
- data/test/sqs/test_right_sqs.rb +291 -0
- data/test/sqs/test_right_sqs_gen2.rb +264 -0
- data/test/test_credentials.rb +37 -0
- data/test/ts_right_aws.rb +14 -0
- metadata +169 -0
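--- a/data/lib/ec2/right_ec2_monitoring.rb
+++ b/data/lib/ec2/right_ec2_monitoring.rb
@@ -0,0 +1,70 @@
+#
+# Copyright (c) 2009 RightScale Inc
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+module RightAws
+
+class Ec2
+
+# Enables monitoring for a running instances. For more information, refer to the Amazon CloudWatch Developer Guide.
+#
+# ec2.monitor_instances('i-8437ddec') #=>
+# {:instance_id=>"i-8437ddec", :monitoring_state=>"pending"}
+#
+def monitor_instances(*list)
+link = generate_request("MonitorInstances", amazonize_list('InstanceId', list.flatten) )
+request_info(link, QEc2MonitorInstancesParser.new(:logger => @logger)).first
+rescue Exception
+on_exception
+end
+
+# Disables monitoring for a running instances. For more information, refer to the Amazon CloudWatch Developer Guide.
+#
+# ec2.unmonitor_instances('i-8437ddec') #=>
+# {:instance_id=>"i-8437ddec", :monitoring_state=>"disabling"}
+#
+def unmonitor_instances(*list)
+link = generate_request("UnmonitorInstances", amazonize_list('InstanceId', list.flatten) )
+request_info(link, QEc2MonitorInstancesParser.new(:logger => @logger)).first
+rescue Exception
+on_exception
+end
+
+class QEc2MonitorInstancesParser < RightAWSParser #:nodoc:
+def tagstart(name, attributes)
+@item = {} if name == 'item'
+end
+def tagend(name)
+case name
+when 'instanceId' then @item[:instance_id] = @text
+when 'state' then @item[:monitoring_state] = @text
+when 'item' then @result << @item
+end
+end
+def reset
+@result = []
+end
+end
+
+end
+
+end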
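Review bot: `monitor_instances` and `unmonitor_instances` accept any number of instance ids through `*list` but end with `.first`, so the monitoring state of every instance after the first is dropped and a caller cannot confirm that the change took effect on all of them. Either return the whole parser result when more than one id is passed, or state the limit in the method comment, e.g. `# Only the first instance's state is returned, even when several ids are passed.` Both methods also use `rescue Exception`, which catches `Interrupt` and `SystemExit` along with API errors before handing off to `on_exception` (defined outside this file, so its handling is not visible here); `rescue StandardError` would keep signals and exits out of that path. The same `rescue Exception` pattern recurs in the public methods of right_ec2_reserved_instances.rb and right_ec2_security_groups.rb.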
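--- a/data/lib/ec2/right_ec2_reserved_instances.rb
+++ b/data/lib/ec2/right_ec2_reserved_instances.rb
@@ -0,0 +1,170 @@
+#
+# Copyright (c) 2009 RightScale Inc
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+module RightAws
+
+class Ec2
+
+#-----------------------------------------------------------------
+# Reserved instances
+#-----------------------------------------------------------------
+
+# Retrieve reserved instances list.
+# Returns a list of Reserved Instances.
+#
+# ec2.describe_reserved_instances #=>
+# [{:aws_id=>"1ba8e2e3-1c40-434c-a741-5ff16a4c542e",
+# :aws_duration=>31536000,
+# :aws_instance_type=>"m1.small",
+# :aws_usage_price=>0.03,
+# :aws_availability_zone=>"us-east-1b",
+# :aws_state=>"payment-pending",
+# :aws_product_description=>"Test",
+# :aws_fixed_price=>325.0,
+# :aws_start=>"2009-12-18T20:39:39.569Z"
+# :aws_instance_count=>1}]
+#
+def describe_reserved_instances(*reserved_instances)
+reserved_instances = reserved_instances.flatten
+link = generate_request("DescribeReservedInstances", amazonize_list('ReservedInstancesId', reserved_instances))
+request_cache_or_info(:describe_reserved_instances, link, QEc2DescribeReservedInstancesParser, @@bench, reserved_instances.blank?)
+rescue Exception
+on_exception
+end
+
+# Retrieve reserved instances offerings.
+# Returns a set of available offerings.
+#
+# Optional params:
+# :aws_instance_type => String
+# :aws_availability_zone => String
+# :aws_product_description => String
+#
+# ec2.describe_reserved_instances_offerings #=>
+# [{:aws_instance_type=>"c1.medium",
+# :aws_availability_zone=>"us-east-1c",
+# :aws_duration=>94608000,
+# :aws_product_description=>"Linux/UNIX",
+# :aws_id=>"e5a2ff3b-f6eb-4b4e-83f8-b879d7060257",
+# :aws_usage_price=>0.06,
+# :aws_fixed_price=>1000.0},
+# ...
+# {:aws_instance_type=>"m1.xlarge",
+# :aws_availability_zone=>"us-east-1a",
+# :aws_duration=>31536000,
+# :aws_product_description=>"Linux/UNIX",
+# :aws_id=>"c48ab04c-63ab-4cd6-b8f5-978a29eb9bcc",
+# :aws_usage_price=>0.24,
+# :aws_fixed_price=>2600.0}]
+#
+def describe_reserved_instances_offerings(*list_and_params)
+list, params = AwsUtils::split_items_and_params(list_and_params)
+# backward compartibility with the old way
+list ||= Array(params[:aws_ids])
+rparams = {}
+rparams.update(amazonize_list('ReservedInstancesOfferingId', list)) unless list.blank?
+rparams['InstanceType'] = params[:aws_instance_type] if params[:aws_instance_type]
+rparams['AvailabilityZone'] = params[:aws_availability_zone] if params[:aws_availability_zone]
+rparams['ProductDescription'] = params[:aws_product_description] if params[:aws_product_description]
+link = generate_request("DescribeReservedInstancesOfferings", rparams)
+request_cache_or_info(:describe_reserved_instances_offerings, link, QEc2DescribeReservedInstancesOfferingsParser, @@bench, list.blank?)
+rescue Exception
+on_exception
+end
+
+# Purchase a Reserved Instance.
+# Returns ReservedInstancesId value.
+#
+# ec2.purchase_reserved_instances_offering('e5a2ff3b-f6eb-4b4e-83f8-b879d7060257', 3) # => '4b2293b4-5813-4cc8-9ce3-1957fc1dcfc8'
+#
+def purchase_reserved_instances_offering(reserved_instances_offering_id, instance_count=1)
+link = generate_request("PurchaseReservedInstancesOffering", { 'ReservedInstancesOfferingId' => reserved_instances_offering_id,
+'InstanceCount' => instance_count })
+request_info(link, QEc2PurchaseReservedInstancesOfferingParser.new)
+rescue Exception
+on_exception
+end
+
+#-----------------------------------------------------------------
+# PARSERS: ReservedInstances
+#-----------------------------------------------------------------
+
+class QEc2DescribeReservedInstancesParser < RightAWSParser #:nodoc:
+def tagstart(name, attributes)
+@item = {} if name == 'item'
+end
+def tagend(name)
+case name
+when 'reservedInstancesId' then @item[:aws_id] = @text
+when 'instanceType' then @item[:aws_instance_type] = @text
+when 'availabilityZone' then @item[:aws_availability_zone] = @text
+when 'duration' then @item[:aws_duration] = @text.to_i
+when 'usagePrice' then @item[:aws_usage_price] = @text.to_f
+when 'fixedPrice' then @item[:aws_fixed_price] = @text.to_f
+when 'instanceCount' then @item[:aws_instance_count] = @text.to_i
+when 'productDescription' then @item[:aws_product_description] = @text
+when 'state' then @item[:aws_state] = @text
+when 'start' then @item[:aws_start] = @text
+when 'item' then @result << @item
+end
+end
+def reset
+@result = []
+end
+end
+
+class QEc2DescribeReservedInstancesOfferingsParser < RightAWSParser #:nodoc:
+def tagstart(name, attributes)
+@item = {} if name == 'item'
+end
+def tagend(name)
+case name
+when 'reservedInstancesOfferingId' then @item[:aws_id] = @text
+when 'instanceType' then @item[:aws_instance_type] = @text
+when 'availabilityZone' then @item[:aws_availability_zone] = @text
+when 'duration' then @item[:aws_duration] = @text.to_i
+when 'usagePrice' then @item[:aws_usage_price] = @text.to_f
+when 'fixedPrice' then @item[:aws_fixed_price] = @text.to_f
+when 'productDescription' then @item[:aws_product_description] = @text
+when 'item' then @result << @item
+end
+end
+def reset
+@result = []
+end
+end
+
+class QEc2PurchaseReservedInstancesOfferingParser < RightAWSParser #:nodoc:
+def tagend(name)
+if name == 'reservedInstancesId'
+@result = @text
+end
+end
+def reset
+@result = ''
+end
+end
+
+end
+
+end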
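Review bot: `purchase_reserved_instances_offering` commits money, yet `instance_count` goes into the request unchecked and the purchase parser's `reset` leaves `@result = ''`, so a response that carries no `reservedInstancesId` element comes back as an empty string that looks like a normal return value. Validate the count before building the request, e.g. `raise ArgumentError, "instance_count must be a positive Integer" unless instance_count.is_a?(Integer) && instance_count > 0`, and treat an empty id as a failure instead of returning it. The parser is also constructed without `:logger => @logger`, unlike the parser calls in right_ec2_monitoring.rb; `QEc2PurchaseReservedInstancesOfferingParser.new(:logger => @logger)` would keep the purchase path on the same logger as the rest of the class, which matters for auditing a billable call.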
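--- a/data/lib/ec2/right_ec2_security_groups.rb
+++ b/data/lib/ec2/right_ec2_security_groups.rb
@@ -0,0 +1,277 @@
+#
+# Copyright (c) 2010 RightScale Inc
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+module RightAws
+
+class Ec2
+
+#-----------------------------------------------------------------
+# Security groups
+#-----------------------------------------------------------------
+
+# Retrieve Security Groups information. If +list+ is omitted the returns the whole list of groups.
+#
+# # Amazon cloud:
+# ec2 = Rightscale::Ec2.new(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# ec2.describe_security_groups #=>
+# [{:aws_perms=>
+# [{:group=>"default", :owner=>"048291609141"},
+# {:to_port=>"22",
+# :protocol=>"tcp",
+# :from_port=>"22",
+# :cidr_ips=>"0.0.0.0/0"},
+# {:to_port=>"9997",
+# :protocol=>"tcp",
+# :from_port=>"9997",
+# :cidr_ips=>"0.0.0.0/0"}],
+# :aws_group_name=>"photo_us",
+# :aws_description=>"default group",
+# :aws_owner=>"826693181925"}]
+#
+# # Eucalyptus cloud:
+# ec2 = Rightscale::Ec2.new(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, :eucalyptus => true)
+# ec2.describe_security_groups #=>
+# [{:aws_perms=>
+# [{:to_port=>"65535",
+# :group=>"default",
+# :protocol=>"tcp",
+# :owner=>"048291609141",
+# :from_port=>"1"},
+# {:to_port=>"65535",
+# :group=>"default",
+# :protocol=>"udp",
+# :owner=>"048291609141",
+# :from_port=>"1"},
+# {:to_port=>"-1",
+# :group=>"default",
+# :protocol=>"icmp",
+# :owner=>"048291609141",
+# :from_port=>"-1"},
+# {:to_port=>"22",
+# :protocol=>"tcp",
+# :from_port=>"22",
+# :cidr_ip=>"0.0.0.0/0"},
+# {:to_port=>"9997",
+# :protocol=>"tcp",
+# :from_port=>"9997",
+# :cidr_ip=>"0.0.0.0/0"}],
+# :aws_group_name=>"photo_us",
+# :aws_description=>"default group",
+# :aws_owner=>"826693181925"}]
+#
+def describe_security_groups(list=[])
+link = generate_request("DescribeSecurityGroups", amazonize_list('GroupName', list))
+
+request_cache_or_info( :describe_security_groups, link, QEc2DescribeSecurityGroupsParser, @@bench, list.blank?) do |parser|
+result = []
+parser.result.each do |item|
+result_item = { :aws_owner => item[:owner_id],
+:aws_group_name => item[:group_name],
+:aws_description => item[:group_description] }
+aws_perms = []
+item[:ip_permissions].each do |permission|
+result_perm = {}
+result_perm[:from_port] = permission[:from_port]
+result_perm[:to_port] = permission[:to_port]
+result_perm[:protocol] = permission[:ip_protocol]
+# IP permissions
+Array(permission[:ip_ranges]).each do |ip_range|
+perm = result_perm.dup
+perm[:cidr_ips] = ip_range
+aws_perms << perm
+end
+# Group permissions
+Array(permission[:groups]).each do |group|
+perm = result_perm.dup
+perm[:group] = group[:group_name]
+perm[:owner] = group[:user_id]
+# AWS does not support Port Based Group Permissions but Eucalyptus does
+unless @params[:port_based_group_ingress]
+perm.delete(:from_port)
+perm.delete(:to_port)
+perm.delete(:protocol)
+end
+aws_perms << perm
+end
+end
+result_item[:aws_perms] = aws_perms.uniq
+result << result_item
+end
+result
+end
+rescue Exception
+on_exception
+end
+
+# Create new Security Group. Returns +true+ or an exception.
+#
+# ec2.create_security_group('default-1',"Default allowing SSH, HTTP, and HTTPS ingress") #=> true
+#
+def create_security_group(name, description=nil)
+# EC2 doesn't like an empty description...
+description = "-" if description.blank?
+link = generate_request("CreateSecurityGroup",
+'GroupName' => name.to_s,
+'GroupDescription' => description.to_s)
+request_info(link, RightBoolResponseParser.new(:logger => @logger))
+rescue Exception
+on_exception
+end
+
+# Remove Security Group. Returns +true+ or an exception.
+#
+# ec2.delete_security_group('default-1') #=> true
+#
+def delete_security_group(name)
+link = generate_request("DeleteSecurityGroup",
+'GroupName' => name.to_s)
+request_info(link, RightBoolResponseParser.new(:logger => @logger))
+rescue Exception
+on_exception
+end
+
+# Edit group permissions.
+#
+# action - :authorize (or :grant) | :revoke (or :remove)
+# group_name - security group name
+# params - a combination of options below:
+# :source_group_owner => grantee id
+# :source_group => grantee group name
+# :from_port => from port
+# :to_port => to port
+# :port => set both :from_port and to_port with the same value
+# :protocol => :tcp | :udp | :icmp
+# :cidr_ip => '0.0.0.0/0'
+#
+# ec2.edit_security_group( :grant,
+# 'kd-sg-test',
+# :source_group => "sketchy",
+# :source_group_owner => "600000000006",
+# :protocol => 'tcp',
+# :port => '80',
+# :cidr_ip => '127.0.0.1/32') #=> true
+#
+# P.S. setting both group based and port based ingresses is not supported by Amazon but by Eucalyptus.
+#
+def edit_security_group(action, group_name, params)
+hash = {}
+case action
+when :authorize, :grant then action = "AuthorizeSecurityGroupIngress"
+when :revoke, :remove then action = "RevokeSecurityGroupIngress"
+else raise "Unknown action #{action.inspect}!"
+end
+hash['GroupName'] = group_name
+hash['SourceSecurityGroupName'] = params[:source_group] unless params[:source_group].blank?
+hash['SourceSecurityGroupOwnerId'] = params[:source_group_owner].to_s.gsub(/-/,'') unless params[:source_group_owner].blank?
+hash['IpProtocol'] = params[:protocol] unless params[:protocol].blank?
+unless params[:port].blank?
+hash['FromPort'] = params[:port]
+hash['ToPort'] = params[:port]
+end
+hash['FromPort'] = params[:from_port] unless params[:from_port].blank?
+hash['ToPort'] = params[:to_port] unless params[:to_port].blank?
+hash['CidrIp'] = params[:cidr_ip] unless params[:cidr_ip].blank?
+#
+link = generate_request(action, hash)
+request_info(link, RightBoolResponseParser.new(:logger => @logger))
+rescue Exception
+on_exception
+end
+
+# Authorize named ingress for security group. Allows instances that are member of someone
+# else's security group to open connections to instances in my group.
+#
+# ec2.authorize_security_group_named_ingress('my_awesome_group', '7011-0219-8268', 'their_group_name') #=> true
+#
+def authorize_security_group_named_ingress(name, owner, group)
+edit_security_group( :authorize, name, :source_group_owner => owner, :source_group => group)
+end
+
+# Revoke named ingress for security group.
+#
+# ec2.revoke_security_group_named_ingress('my_awesome_group', aws_user_id, 'another_group_name') #=> true
+#
+def revoke_security_group_named_ingress(name, owner, group)
+edit_security_group( :revoke, name, :source_group_owner => owner, :source_group => group)
+end
+
+# Add permission to a security group. Returns +true+ or an exception. +protocol+ is one of :'tcp'|'udp'|'icmp'.
+#
+# ec2.authorize_security_group_IP_ingress('my_awesome_group', 80, 82, 'udp', '192.168.1.0/8') #=> true
+# ec2.authorize_security_group_IP_ingress('my_awesome_group', -1, -1, 'icmp') #=> true
+#
+def authorize_security_group_IP_ingress(name, from_port, to_port, protocol='tcp', cidr_ip='0.0.0.0/0')
+edit_security_group( :authorize, name, :from_port => from_port, :to_port => to_port, :protocol => protocol, :cidr_ip => cidr_ip )
+end
+
+# Remove permission from a security group. Returns +true+ or an exception. +protocol+ is one of :'tcp'|'udp'|'icmp' ('tcp' is default).
+#
+# ec2.revoke_security_group_IP_ingress('my_awesome_group', 80, 82, 'udp', '192.168.1.0/8') #=> true
+#
+def revoke_security_group_IP_ingress(name, from_port, to_port, protocol='tcp', cidr_ip='0.0.0.0/0')
+edit_security_group( :revoke, name, :from_port => from_port, :to_port => to_port, :protocol => protocol, :cidr_ip => cidr_ip )
+end
+
+#-----------------------------------------------------------------
+# PARSERS: Security Groups
+#-----------------------------------------------------------------
+
+class QEc2DescribeSecurityGroupsParser < RightAWSParser #:nodoc:
+def tagstart(name, attributes)
+if name == 'item'
+case
+when @xmlpath[/securityGroupInfo$/] then @item = { :ip_permissions => [] }
+when @xmlpath[/ipPermissions$/] then @ip_permission = { :groups => [], :ip_ranges => [] }
+when @xmlpath[/groups$/] then @group = {}
+end
+end
+end
+def tagend(name)
+case name
+when 'ownerId' then @item[:owner_id] = @text
+when 'groupDescription' then @item[:group_description] = @text
+when 'ipProtocol' then @ip_permission[:ip_protocol] = @text
+when 'fromPort' then @ip_permission[:from_port] = @text
+when 'toPort' then @ip_permission[:to_port] = @text
+when 'cidrIp' then @ip_permission[:ip_ranges] << @text
+when 'userId' then @group[:user_id] = @text
+when 'groupName'
+case
+when @xmlpath[/securityGroupInfo\/item$/] then @item[:group_name] = @text
+when @xmlpath[/groups\/item$/] then @group[:group_name] = @text
+end
+when 'item'
+case
+when @xmlpath[/groups$/] then @ip_permission[:groups] << @group
+when @xmlpath[/ipPermissions$/] then @item[:ip_permissions] << @ip_permission
+when @xmlpath[/securityGroupInfo$/]then @result << @item
+end
+end
+end
+def reset
+@result = []
+end
+end
+
+end
+end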
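Review bot: `authorize_security_group_IP_ingress` defaults `cidr_ip` to `'0.0.0.0/0'`, so a caller who omits the last argument opens the port range to every IPv4 address without having written that anywhere. Make the source range explicit on the authorize path, e.g. `def authorize_security_group_IP_ingress(name, from_port, to_port, protocol='tcp', cidr_ip=nil)` followed by `raise ArgumentError, "cidr_ip is required" if cidr_ip.blank?`; the revoke counterpart can keep its default. That changes behaviour for callers relying on the default, so it needs an entry in History.txt. Separately, `describe_security_groups` emits the key `:cidr_ips` while `edit_security_group` reads `:cidr_ip` (and the Eucalyptus example in the comment shows `:cidr_ip`), so a permission hash read from one cannot be passed back to the other unchanged when auditing or reverting a rule.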