sgviz 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: b5fb5e9336b59957898dee4d98ae5e9f25a04b49
+  data.tar.gz: 38da4f2f906e141d05e4e99f01dfb11de18f1605
+SHA512:
+  metadata.gz: 908045418f324d4094d2b69c681cf189235a8d3d9f5daf2fe9ed75291e12f16524cde17b78ccd0666778c8b2049e1ee47518ddead734975847e9127934b49461
+  data.tar.gz: 2ebcda6849078ddca64d553a8467a06f7da75d53148a764fea7d23288d8bfa00b6ff3a55220d6ba92563404ac7147e35bbad7ab8dfc870ac94a7f9721b2e2af2

data/.gitignore

@@ -0,0 +1,16 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log
+vendor
+result.json

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in sgviz.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2015 y13i
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,68 @@
+# Sgviz
+
+A visualization tool for AWS VPC Security Groups.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'sgviz'
+```
+
+And then execute:
+
+```bash
+$ bundle
+```
+
+Or install it yourself as:
+
+```bash
+$ gem install sgviz
+```
+
+## Usage
+
+```bash
+$ sgviz generate --output-path myvpc --region ap-northeast-1 --vpc-ids vpc-146fad71
+```
+
+will generate
+
+![myvpc](docs/images/1.png)
+
+If you're using OSX, run `sgviz open` to view the graph instantly.
+
+Run `sgviz help` to view more usage.
+
+## CloudFormation Template
+
+You can create example stack using bundled CloudFormation template.
+
+```bash
+$ aws cloudformation create-stack --stack-name example  --template-body file:////path/to/this/repo/docs/cfn/example.json
+```
+
+Or use [Kumogata](https://github.com/winebarrel/kumogata), powerful Ruby-CFn integration tool.
+
+```bash
+$ kumogata create docs/cfn/example.rb example
+```
+
+## TODO, Known Bugs
+
+* Bug: Problem with outbound edges (duplicate with inbound?).
+* TODO: Internal IP address nodes.
+* TODO: VPC Peerings.
+* TODO: Add spec. (No test code now. Sorry.)
+* TODO: Integrate EC2/ELB/RDS/ElastiCache/Redshift components in graph.
+* etc...
+
+## Contributing
+
+1. Fork it ( https://github.com/y13i/sgviz/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+

data/bin/sgviz

@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+
+require "sgviz"
+
+Sgviz::CLI.start

data/docs/cfn/example.json

@@ -0,0 +1,222 @@
+{
+  "AWSTemplateFormatVersion": "2010-09-09",
+  "Description": "Sgviz example security group set template (Donburi version).\n",
+  "Resources": {
+    "Vpc": {
+      "Type": "AWS::EC2::VPC",
+      "Properties": {
+        "CidrBlock": "10.0.0.0/16"
+      }
+    },
+    "ManageSecurityGroup": {
+      "Type": "AWS::EC2::SecurityGroup",
+      "Properties": {
+        "GroupDescription": "Security group for manage role EC2 instances.",
+        "VpcId": {
+          "Ref": "Vpc"
+        },
+        "SecurityGroupIngress": [
+          {
+            "CidrIp": "123.45.67.89/32",
+            "IpProtocol": "tcp",
+            "FromPort": "22",
+            "ToPort": "22"
+          },
+          {
+            "CidrIp": "123.45.67.89/32",
+            "IpProtocol": "tcp",
+            "FromPort": "80",
+            "ToPort": "80"
+          },
+          {
+            "CidrIp": "123.45.67.89/32",
+            "IpProtocol": "tcp",
+            "FromPort": "443",
+            "ToPort": "443"
+          },
+          {
+            "CidrIp": "234.56.78.90/32",
+            "IpProtocol": "tcp",
+            "FromPort": "22",
+            "ToPort": "22"
+          },
+          {
+            "CidrIp": "234.56.78.90/32",
+            "IpProtocol": "tcp",
+            "FromPort": "80",
+            "ToPort": "80"
+          },
+          {
+            "CidrIp": "234.56.78.90/32",
+            "IpProtocol": "tcp",
+            "FromPort": "443",
+            "ToPort": "443"
+          }
+        ],
+        "Tags": [
+          {
+            "Key": "Name",
+            "Value": "manage"
+          }
+        ]
+      }
+    },
+    "AppLoadBalancerSecurityGroup": {
+      "Type": "AWS::EC2::SecurityGroup",
+      "Properties": {
+        "GroupDescription": "Security group for application load balancer.",
+        "VpcId": {
+          "Ref": "Vpc"
+        },
+        "SecurityGroupIngress": [
+          {
+            "CidrIp": "0.0.0.0/0",
+            "IpProtocol": "tcp",
+            "FromPort": "80",
+            "ToPort": "80"
+          },
+          {
+            "CidrIp": "0.0.0.0/0",
+            "IpProtocol": "tcp",
+            "FromPort": "443",
+            "ToPort": "443"
+          }
+        ],
+        "Tags": [
+          {
+            "Key": "Name",
+            "Value": "app_load_balancer"
+          }
+        ]
+      }
+    },
+    "AppSecurityGroup": {
+      "Type": "AWS::EC2::SecurityGroup",
+      "Properties": {
+        "GroupDescription": "Security group for application EC2 instances.",
+        "VpcId": {
+          "Ref": "Vpc"
+        },
+        "SecurityGroupIngress": [
+          {
+            "SourceSecurityGroupId": {
+              "Ref": "AppLoadBalancerSecurityGroup"
+            },
+            "IpProtocol": "tcp",
+            "FromPort": "80",
+            "ToPort": "80"
+          },
+          {
+            "SourceSecurityGroupId": {
+              "Ref": "ManageSecurityGroup"
+            },
+            "IpProtocol": "tcp",
+            "FromPort": "22",
+            "ToPort": "22"
+          },
+          {
+            "SourceSecurityGroupId": {
+              "Ref": "ManageSecurityGroup"
+            },
+            "IpProtocol": "tcp",
+            "FromPort": "10050",
+            "ToPort": "10050"
+          }
+        ],
+        "Tags": [
+          {
+            "Key": "Name",
+            "Value": "app"
+          }
+        ]
+      }
+    },
+    "Port10051IngressFromAppToManage": {
+      "Type": "AWS::EC2::SecurityGroupIngress",
+      "Properties": {
+        "GroupId": {
+          "Ref": "ManageSecurityGroup"
+        },
+        "SourceSecurityGroupId": {
+          "Ref": "AppSecurityGroup"
+        },
+        "IpProtocol": "tcp",
+        "FromPort": "10051",
+        "ToPort": "10051"
+      }
+    },
+    "RedisSecurityGroup": {
+      "Type": "AWS::EC2::SecurityGroup",
+      "Properties": {
+        "GroupDescription": "Security group for ElastiCache Redis clusters.",
+        "VpcId": {
+          "Ref": "Vpc"
+        },
+        "SecurityGroupIngress": [
+          {
+            "SourceSecurityGroupId": {
+              "Ref": "ManageSecurityGroup"
+            },
+            "IpProtocol": "tcp",
+            "FromPort": "6379",
+            "ToPort": "6379"
+          },
+          {
+            "SourceSecurityGroupId": {
+              "Ref": "AppSecurityGroup"
+            },
+            "IpProtocol": "tcp",
+            "FromPort": "6379",
+            "ToPort": "6379"
+          }
+        ],
+        "Tags": [
+          {
+            "Key": "Name",
+            "Value": "redis"
+          }
+        ]
+      }
+    },
+    "MysqlSecurityGroup": {
+      "Type": "AWS::EC2::SecurityGroup",
+      "Properties": {
+        "GroupDescription": "Security group for RDS MySQL DB instances.",
+        "VpcId": {
+          "Ref": "Vpc"
+        },
+        "SecurityGroupIngress": [
+          {
+            "SourceSecurityGroupId": {
+              "Ref": "ManageSecurityGroup"
+            },
+            "IpProtocol": "tcp",
+            "FromPort": "3306",
+            "ToPort": "3306"
+          },
+          {
+            "SourceSecurityGroupId": {
+              "Ref": "AppSecurityGroup"
+            },
+            "IpProtocol": "tcp",
+            "FromPort": "3306",
+            "ToPort": "3306"
+          }
+        ],
+        "Tags": [
+          {
+            "Key": "Name",
+            "Value": "mysql"
+          }
+        ]
+      }
+    }
+  },
+  "Outputs": {
+    "Vpc": {
+      "Value": {
+        "Ref": "Vpc"
+      }
+    }
+  }
+}

data/docs/cfn/example.rb

@@ -0,0 +1,177 @@
+AWSTemplateFormatVersion "2010-09-09"
+
+Description <<-EOS.undent
+  Sgviz example security group set template (Donburi version).
+EOS
+
+Resources do
+  Vpc do
+    Type "AWS::EC2::VPC"
+
+    Properties do
+      CidrBlock "10.0.0.0/16"
+    end
+  end
+
+  ManageSecurityGroup do
+    Type "AWS::EC2::SecurityGroup"
+
+    Properties do
+      GroupDescription "Security group for manage role EC2 instances."
+      VpcId            {Ref "Vpc"}
+
+      SecurityGroupIngress(
+        ["123.45.67.89/32", "234.56.78.90/32", ].product([22, 80, 443]).map do |my_ip, port|
+          _{
+            CidrIp     my_ip
+            IpProtocol "tcp"
+            FromPort   port
+            ToPort     port
+          }
+        end
+      )
+
+      Tags [
+        _{
+          Key   "Name"
+          Value "manage"
+        }
+      ]
+    end
+  end
+
+  AppLoadBalancerSecurityGroup do
+    Type "AWS::EC2::SecurityGroup"
+
+    Properties do
+      GroupDescription "Security group for application load balancer."
+      VpcId            {Ref "Vpc"}
+
+      SecurityGroupIngress(
+        [80, 443].map do |port|
+          _{
+            CidrIp     "0.0.0.0/0"
+            IpProtocol "tcp"
+            FromPort   port
+            ToPort     port
+          }
+        end
+      )
+
+      Tags [
+        _{
+          Key   "Name"
+          Value "app_load_balancer"
+        }
+      ]
+    end
+  end
+
+  AppSecurityGroup do
+    Type "AWS::EC2::SecurityGroup"
+
+    Properties do
+      GroupDescription "Security group for application EC2 instances."
+      VpcId            {Ref "Vpc"}
+
+      SecurityGroupIngress [
+        _{
+          SourceSecurityGroupId {Ref "AppLoadBalancerSecurityGroup"}
+          IpProtocol            "tcp"
+          FromPort              80
+          ToPort                80
+        },
+
+        *[22, 10050].map do |port|
+          _{
+            SourceSecurityGroupId {Ref "ManageSecurityGroup"}
+            IpProtocol            "tcp"
+            FromPort              port
+            ToPort                port
+          }
+        end
+      ]
+
+      Tags [
+        _{
+          Key   "Name"
+          Value "app"
+        }
+      ]
+    end
+  end
+
+  Port10051IngressFromAppToManage do
+    Type "AWS::EC2::SecurityGroupIngress"
+
+    Properties do
+      GroupId               {Ref "ManageSecurityGroup"}
+      SourceSecurityGroupId {Ref "AppSecurityGroup"}
+      IpProtocol            "tcp"
+      FromPort              10051
+      ToPort                10051
+    end
+  end
+
+  RedisSecurityGroup do
+    Type "AWS::EC2::SecurityGroup"
+
+    Properties do
+      GroupDescription "Security group for ElastiCache Redis clusters."
+      VpcId            {Ref "Vpc"}
+
+      SecurityGroupIngress(
+        ["Manage", "App"].map do |role|
+          _{
+            SourceSecurityGroupId {Ref "#{role}SecurityGroup"}
+            IpProtocol            "tcp"
+            FromPort              6379
+            ToPort                6379
+          }
+        end
+      )
+
+      Tags [
+        _{
+          Key   "Name"
+          Value "redis"
+        }
+      ]
+    end
+  end
+
+  MysqlSecurityGroup do
+    Type "AWS::EC2::SecurityGroup"
+
+    Properties do
+      GroupDescription "Security group for RDS MySQL DB instances."
+      VpcId            {Ref "Vpc"}
+
+      SecurityGroupIngress(
+        ["Manage", "App"].map do |role|
+          _{
+            SourceSecurityGroupId {Ref "#{role}SecurityGroup"}
+            IpProtocol            "tcp"
+            FromPort              3306
+            ToPort                3306
+          }
+        end
+      )
+
+      Tags [
+        _{
+          Key   "Name"
+          Value "mysql"
+        }
+      ]
+    end
+  end
+end
+
+Outputs do
+  Vpc do
+    Value do
+      Ref "Vpc"
+    end
+  end
+end

data/lib/sgviz/cli.rb

@@ -0,0 +1,80 @@
+require "thor"
+
+class Sgviz::CLI < Thor
+  class_option :profile,
+    desc:    "Load credentials by profile name from shared credentials file (~/.aws/credentials).",
+    aliases: [:p]
+
+  class_option :access_key_id,
+    desc:    "AWS access key id.",
+    aliases: [:k]
+
+  class_option :secret_access_key,
+    desc:    "AWS secret access key.",
+    aliases: [:s]
+
+  class_option :region,
+    desc:    "AWS region.",
+    aliases: [:r]
+
+  class_option :format,
+    desc:    "Output file format",
+    aliases: [:f],
+    default: "png"
+
+  class_option :output_path,
+    desc:    "Output file path.",
+    aliases: [:output, :o]
+
+  class_option :vpc_ids,
+    desc:    "AWS VPC IDs (If specified, graph will include security groups in the VPCs).",
+    aliases: [:vpcs, :vpc, :v],
+    type:    :array
+
+  class_option :inbound_only,
+    desc:    "If specified, graph will exclude outbound rules.",
+    type:    :boolean,
+    default: true
+
+  class_option :global_label,
+    desc:    "Label of the diagram.",
+    default: ""
+
+  class_option :fontname,
+    desc:    "Font name used on labels.",
+    default: "Futura"
+
+  class_option :fontsize,
+    desc:    "Font size used on labels.",
+    type:    :numeric,
+    default: 15
+
+  desc "version", "Puts sgviz version."
+  def version
+    puts Sgviz::VERSION
+  end
+
+  desc "open", "Generate and open a graph file."
+  method_option :output_path, required: true
+  def open
+    unless system "which open > /dev/null"
+      abort "`open` command not found."
+    end
+
+    generate
+    system "open #{options.output_path}.#{options.format}"
+  end
+
+  desc "generate", "Generate a graph file."
+  method_option :output_path, required: true
+  def generate
+    generator.generate
+    puts "Graph generated to `#{options.output_path}.#{options.format}`."
+  end
+
+  private
+
+  def generator
+    @generator ||= Sgviz::Generator.new :G, :digraph, options
+  end
+end

data/lib/sgviz/generator.rb

@@ -0,0 +1,251 @@
+require "gviz"
+require "aws-sdk-resources"
+
+class Sgviz::Generator < Gviz
+  def initialize name = :G, type = :digraph, options = {}
+    @options = options
+    super(name, type)
+  end
+
+  def subgraph(name=:"cluster#{subgraphs.size}", &blk)
+    self.class.new(name, :subgraph, options).tap do |graph|
+      subgraphs << graph
+      graph.instance_eval &blk
+    end
+  end
+
+  def generate
+    global(
+      layout:    "dot",
+      label:     options.global_label,
+      labelloc:  "b",
+      fontsize:  options.fontsize,
+      fontname:  options.fontname,
+      fontcolor: "#54523F",
+      margin:    20,
+    )
+
+    nodes(
+      fontsize: options.fontsize,
+      fontname: options.fontname,
+    )
+
+    vpc_security_groups.each do |vpc_id, security_groups|
+      security_groups.each do |security_group|
+        subgraph :clusterAWS do
+          global(
+            label:     aws_configuration[:region],
+            labelloc:  "b",
+            style:     "rounded",
+            color:     "#999999",
+            fontsize:  options.fontsize,
+            fontname:  options.fontname,
+            fontcolor: "#54523F",
+            margin:    20,
+          )
+
+          node :aws,
+            label:       "",
+            image:       "#{__dir__}/images/aws.png",
+            peripheries: 0,
+            fixedsize:   true,
+            imagescale:  true,
+            shape:       "circle",
+            width:       1.5
+
+          subgraph :"cluster#{vpc_id[4..-1]}" do
+            global(
+              label:     vpc_id,
+              labelloc:  "b",
+              style:     "rounded",
+              color:     "#999999",
+              fontsize:  options.fontsize,
+              fontname:  options.fontname,
+              fontcolor: "#54523F",
+              margin:    20,
+            )
+
+            node vpc_id.to_id,
+              label:       "",
+              image:       "#{__dir__}/images/vpc.png",
+              peripheries: 0,
+              fixedsize:   true,
+              imagescale:  true,
+              shape:       "circle",
+              width:       1.5
+
+            name_tag = security_group.tags.find {|tag| tag.key == "Name"}
+
+            node security_group.id.to_id,
+              shape:     "note",
+              style:     "filled",
+              color:     "#EDEAD2",
+              fillcolor: "#EDEAD2",
+              label:     "#{name_tag ? name_tag.value : security_group.group_name}\n(#{security_group.id})",
+              fontsize:  options.fontsize,
+              fontname:  options.fontname,
+              fontcolor: "#54523F",
+              margin:    0.2
+          end
+        end
+
+        security_group.ip_permissions.each do |ip_permission|
+          to = security_group.id.to_id
+
+          ip_permission.ip_ranges.each do |ip_range|
+            from = ip_range.cidr_ip.to_id
+
+            node from,
+              shape:     "ellipse",
+              style:     "filled",
+              color:     "#E7FAFF",
+              fillcolor: "#E7FAFF",
+              label:     ip_range.cidr_ip,
+              fontsize:  options.fontsize,
+              fontname:  options.fontname,
+              fontcolor: "#003E2F"
+
+            add_route :inbound, from, to, ip_permission
+          end
+
+          ip_permission.user_id_group_pairs.each do |user_id_group_pair|
+            from = if user_id_group_pair.user_id == security_group.owner_id
+              user_id_group_pair.group_id.to_id
+            else
+              node xaccount_sg(user_id_group_pair).to_id, xaccount_sg(user_id_group_pair)
+              xaccount_sg(user_id_group_pair).to_id
+            end
+
+            add_route :inbound, from, to, ip_permission
+          end
+        end
+
+        unless options.inbound_only
+          security_group.ip_permissions_egress.each do |ip_permission|
+            from = security_group.id.to_id
+
+            ip_permission.ip_ranges.each do |ip_range|
+              to = ip_range.cidr_ip.to_id
+
+              node to,
+                shape:     "ellipse",
+                style:     "filled",
+                color:     "#E7FAFF",
+                fillcolor: "#E7FAFF",
+                label:     ip_range.cidr_ip,
+                fontsize:  options.fontsize,
+                fontname:  options.fontname,
+                fontcolor: "#003E2F"
+
+              add_route :outbound, from, to, ip_permission
+            end
+
+            ip_permission.user_id_group_pairs.each do |user_id_group_pair|
+              to = if user_id_group_pair.user_id == security_group.owner_id
+                user_id_group_pair.group_id.to_id
+              else
+                node xaccount_sg(user_id_group_pair).to_id, xaccount_sg(user_id_group_pair)
+                xaccount_sg(user_id_group_pair).to_id
+              end
+
+              add_route :outbound, from, to, ip_permission
+            end
+          end
+        end
+      end
+    end
+
+    node "0.0.0.0/0".to_id,
+      label:       "",
+      image:       "#{__dir__}/images/internet.png",
+      peripheries: 0,
+      fixedsize:   true,
+      imagescale:  true,
+      shape:       "circle",
+      width:       1.67
+
+    save options.output_path, options.format
+  end
+
+  private
+
+  def options
+    @options
+  end
+
+  def aws_configuration
+    hash = {}
+
+    [:profile, :access_key_id, :secret_access_key, :region].each do |option|
+      hash.update(option => options[option]) if options[option]
+    end
+
+    hash.update(region: own_region) if hash[:region].nil?
+    hash
+  end
+
+  def own_region
+    @own_region ||= begin
+      require "net/http"
+
+      timeout 3 do
+        Net::HTTP.get("169.254.169.254", "/latest/meta-data/placement/availability-zone").chop
+      end
+    rescue
+      nil
+    end
+  end
+
+  def ec2
+    @ec2 ||= Aws::EC2::Resource.new aws_configuration
+  end
+
+  # returns Hash like `{"vpc-1111111" => [sg1, sg2, ...], "vpc-11111112" => [sg3, sg4, ...], ...}`
+  def vpc_security_groups
+    ec2.security_groups.group_by(&:vpc_id).select do |vpc_id|
+      if options.vpc_ids
+        options.vpc_ids.include? vpc_id
+      else
+        true
+      end
+    end
+  end
+
+  def xaccount_sg user_id_group_pair
+    "#{user_id_group_pair.user_id}/#{user_id_group_pair.group_id}"
+  end
+
+  def add_route in_or_out = :inbound, from, to, ip_permission
+    id    = :"#{from}_#{to}"
+    color = (in_or_out == :inbound ? "#003E2F" : "#045280")
+
+    traffic_map[id] = if traffic_map[id]
+      [traffic_map[id], route_label(ip_permission)].join("\\n")
+    else
+      route_label(ip_permission)
+    end
+
+    edge id,
+      label:     traffic_map[id],
+      style:     "bold",
+      arrowhead: (in_or_out == :inbound ? "normal" : "onormal"),
+      color:     color,
+      fontname:  options.fontname,
+      fontsize:  (options.fontsize * 0.75),
+      fontcolor: color
+  end
+
+  def traffic_map
+    @traffic_map ||= {}
+  end
+
+  def route_label ip_permission
+    if ip_permission.ip_protocol == "-1"
+      "All Traffic"
+    elsif ip_permission.from_port == ip_permission.to_port
+      "#{ip_permission.ip_protocol.upcase}:#{ip_permission.to_port}"
+    else
+      "#{ip_permission.ip_protocol.upcase}:#{ip_permission.from_port}-#{ip_permission.to_port}"
+    end
+  end
+end

data/lib/sgviz/version.rb

@@ -0,0 +1,3 @@
+module Sgviz
+  VERSION = "0.0.1"
+end

data/lib/sgviz.rb

@@ -0,0 +1,3 @@
+require "sgviz/version"
+require "sgviz/generator"
+require "sgviz/cli"

data/sgviz.gemspec

@@ -0,0 +1,32 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'sgviz/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "sgviz"
+  spec.version       = Sgviz::VERSION
+  spec.authors       = ["y13i"]
+  spec.email         = ["email@y13i.com"]
+  spec.summary       = %(Visualize VPC Security Groups.)
+  spec.description   = %(A visualization tool for AWS VPC Security Groups.)
+  spec.homepage      = "https://github.com/y13i/sgviz"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.7"
+  spec.add_development_dependency "rake", "~> 10.0"
+
+  spec.add_dependency "gviz"
+  spec.add_dependency "thor"
+  spec.add_dependency "aws-sdk-resources"
+  spec.add_dependency "aws-sdk-core"
+
+  spec.add_development_dependency "pry"
+  spec.add_development_dependency "awesome_print"
+  spec.add_development_dependency "kumogata"
+end

metadata

@@ -0,0 +1,188 @@
+--- !ruby/object:Gem::Specification
+name: sgviz
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- y13i
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-02-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: gviz
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: thor
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: aws-sdk-resources
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: aws-sdk-core
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: awesome_print
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: kumogata
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A visualization tool for AWS VPC Security Groups.
+email:
+- email@y13i.com
+executables:
+- sgviz
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/sgviz
+- docs/cfn/example.json
+- docs/cfn/example.rb
+- docs/images/1.png
+- lib/sgviz.rb
+- lib/sgviz/cli.rb
+- lib/sgviz/generator.rb
+- lib/sgviz/images/aws.png
+- lib/sgviz/images/internet.png
+- lib/sgviz/images/vpc.png
+- lib/sgviz/version.rb
+- sgviz.gemspec
+homepage: https://github.com/y13i/sgviz
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.5
+signing_key: 
+specification_version: 4
+summary: Visualize VPC Security Groups.
+test_files: []