.withFromPort(from) .withIpProtocol("tcp") .withIpRanges(listIPs) .withToPort(to));
.withFromPort(from) .withIpProtocol("tcp") .withIpRanges(listIPs) .withToPort(to));
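/**
 * Authorizes inbound traffic on the named security group for the given source ranges,
 * protocol and port range.
 *
 * <p>This is a best-effort call: any exception raised while sending the request is logged
 * and not rethrown, so a normal return does not prove that the rule was created. The
 * {@code ipRanges} values are forwarded unchanged; nothing here rejects an overly broad
 * source range, so callers are responsible for checking them.
 *
 * @param name     name of the security group to modify
 * @param ipRanges source ranges to allow, passed through to the ingress rule as given
 * @param protocol IP protocol of the rule
 * @param fromPort first port of the allowed range
 * @param toPort   last port of the allowed range
 */
@Override
public void addRules( final String name, final Collection<String> ipRanges, final String protocol,
                      final int fromPort, final int toPort ) {
    final IpPermission ipPermission = new IpPermission()
            .withIpRanges( ipRanges )
            .withIpProtocol( protocol )
            .withFromPort( fromPort )
            .withToPort( toPort );

    try {
        final AuthorizeSecurityGroupIngressRequest request = new AuthorizeSecurityGroupIngressRequest()
                .withGroupName( name )
                .withIpPermissions( ipPermission );
        client.authorizeSecurityGroupIngress( request );
    } catch ( Exception e ) {
        // Kept as log-and-continue so existing callers see no new exception type.
        // The message typo ("whilt") is corrected so log searches for "while adding rule" match.
        LOG.error( "Error while adding rule to security group: {}", name, e );
    }
}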
/**
 * Revokes a single-port ingress rule from the named security group.
 *
 * <p>No exception is caught here, so a failure of the revoke call propagates to the caller.
 *
 * @param name     name of the security group to modify
 * @param ipRanges source ranges of the rule to revoke
 * @param protocol IP protocol of the rule to revoke
 * @param port     the port of the rule; used as both start and end of the port range
 */
@Override
public void deleteRules( final String name, final Collection<String> ipRanges, final String protocol,
                         final int port ) {
    // A single port is expressed as a range whose start and end coincide.
    final IpPermission revoked = new IpPermission();
    revoked.withIpProtocol( protocol );
    revoked.withFromPort( port );
    revoked.withToPort( port );
    revoked.withIpRanges( ipRanges );

    final RevokeSecurityGroupIngressRequest revokeRequest = new RevokeSecurityGroupIngressRequest()
            .withGroupName( name )
            .withIpPermissions( revoked );
    client.revokeSecurityGroupIngress( revokeRequest );
}
/**
 * Authorizes ingress on a security group for one source range, protocol and port range.
 *
 * <p>The arguments are forwarded to the ingress request unchanged; this method performs no
 * validation of the range or ports, so restricting the source range is the caller's job.
 *
 * @param groupName  name of the security group to open
 * @param ipRanges   source range to allow, passed through as given
 * @param ipProtocol protocol of the rule (eg. tcp, udp)
 * @param fromPort   first port of the allowed range
 * @param toPort     last port of the allowed range
 */
public void addPermissionsToSecurityGroup(String groupName, String ipRanges, String ipProtocol,
                                          Integer fromPort, Integer toPort) {
    final AmazonEC2 ec2 = getEc2Client();

    final IpPermission rule = new IpPermission();
    rule.withIpRanges(ipRanges);
    rule.withIpProtocol(ipProtocol);
    rule.withFromPort(fromPort);
    rule.withToPort(toPort);

    final AuthorizeSecurityGroupIngressRequest ingressRequest = new AuthorizeSecurityGroupIngressRequest();
    ingressRequest.withGroupName(groupName);
    ingressRequest.withIpPermissions(rule);

    ec2.authorizeSecurityGroupIngress(ingressRequest);
    // Logged only after the call returns, so this line records a rule the API accepted.
    LOGGER.info("Added permissions: " + rule + " to security group: " + groupName);
}
.withFromPort(fromPort) .withToPort(toPort) .withIpRanges(ranges); } else { throw new GradleException("ipPermission type only supports IpPermission or String: " + it.getClass());
/**
 * Revokes the TCP ingress rule for the given source ranges and port range from the
 * security group named by {@code config.getACLGroupName()}.
 *
 * @param listIPs source ranges whose access is revoked
 * @param from    first port of the range
 * @param to      last port of the range
 */
public void removeACL(Collection<String> listIPs, int from, int to) {
    AmazonEC2 ec2 = null;
    try {
        ec2 = getEc2Client();

        final IpPermission tcpRule = new IpPermission()
                .withIpProtocol("tcp")
                .withFromPort(from)
                .withToPort(to)
                .withIpRanges(listIPs);
        final List<IpPermission> revoked = new ArrayList<IpPermission>();
        revoked.add(tcpRule);

        final RevokeSecurityGroupIngressRequest revokeRequest =
                new RevokeSecurityGroupIngressRequest(config.getACLGroupName(), revoked);
        ec2.revokeSecurityGroupIngress(revokeRequest);
        logger.info("Done removing from ACL: " + StringUtils.join(listIPs, ","));
    } finally {
        // Release the client obtained for this call whether or not the revoke succeeded.
        if (ec2 != null) {
            ec2.shutdown();
        }
    }
}
/**
 * Authorizes TCP ingress from the given source ranges on the given port range in the
 * security group named by {@code config.getACLGroupName()}.
 *
 * <p>Entries of {@code listIPs} are sent as given; no check on how broad a range is
 * happens in this method.
 *
 * @param listIPs source ranges to allow
 * @param from    first port of the range
 * @param to      last port of the range
 */
public void addACL(Collection<String> listIPs, int from, int to) {
    AmazonEC2 ec2 = null;
    try {
        ec2 = getEc2Client();

        final IpPermission tcpRule = new IpPermission()
                .withIpProtocol("tcp")
                .withFromPort(from)
                .withToPort(to)
                .withIpRanges(listIPs);
        final List<IpPermission> granted = new ArrayList<IpPermission>();
        granted.add(tcpRule);

        final AuthorizeSecurityGroupIngressRequest authorizeRequest =
                new AuthorizeSecurityGroupIngressRequest(config.getACLGroupName(), granted);
        ec2.authorizeSecurityGroupIngress(authorizeRequest);
        logger.info("Done adding ACL to: " + StringUtils.join(listIPs, ","));
    } finally {
        // Release the client obtained for this call whether or not the authorize succeeded.
        if (ec2 != null) {
            ec2.shutdown();
        }
    }
}
/**
 * Revokes TCP ingress for the given source ranges and port range from the security group
 * of the running instance. The group is addressed by name in a "classic" environment and
 * by group id otherwise.
 *
 * @param listIPs source ranges whose access is revoked
 * @param from    first port of the range
 * @param to      last port of the range
 */
public void removeACL(Collection<String> listIPs, int from, int to) {
    AmazonEC2 ec2 = null;
    try {
        ec2 = getEc2Client();

        final IpPermission tcpRule = new IpPermission()
                .withIpProtocol("tcp")
                .withFromPort(from)
                .withToPort(to)
                .withIpRanges(listIPs);
        final List<IpPermission> revoked = new ArrayList<IpPermission>();
        revoked.add(tcpRule);

        if (this.insEnvIdentity.isClassic()) {
            // Classic: the group is identified by the cluster name.
            final RevokeSecurityGroupIngressRequest byName =
                    new RevokeSecurityGroupIngressRequest(envVariables.getDynomiteClusterName(), revoked);
            ec2.revokeSecurityGroupIngress(byName);
            logger.info("Done removing from ACL within classic env for running instance: "
                    + StringUtils.join(listIPs, ","));
        } else {
            // VPC: look up the group id for the running instance's account.
            final RevokeSecurityGroupIngressRequest byId = new RevokeSecurityGroupIngressRequest();
            byId.withGroupId(getVpcGroupId());
            // Remove the peers' IPs from the ingress rules of that group.
            ec2.revokeSecurityGroupIngress(byId.withIpPermissions(revoked));
            logger.info("Done removing from ACL within vpc env for running instance: "
                    + StringUtils.join(listIPs, ","));
        }
    } finally {
        // Release the client obtained for this call on every exit path.
        if (ec2 != null) {
            ec2.shutdown();
        }
    }
}
/**
 * Adds the peers' IPs as TCP ingress sources on the security group of the running
 * instance. The group is addressed by name in a "classic" environment and by group id
 * otherwise.
 *
 * <p>Entries of {@code listIPs} are sent as given; no check on how broad a range is
 * happens in this method.
 *
 * @param listIPs source ranges to allow
 * @param from    first port of the range
 * @param to      last port of the range
 */
public void addACL(Collection<String> listIPs, int from, int to) {
    AmazonEC2 ec2 = null;
    try {
        ec2 = getEc2Client();

        final IpPermission tcpRule = new IpPermission()
                .withIpProtocol("tcp")
                .withFromPort(from)
                .withToPort(to)
                .withIpRanges(listIPs);
        final List<IpPermission> granted = new ArrayList<IpPermission>();
        granted.add(tcpRule);

        if (this.insEnvIdentity.isClassic()) {
            // Classic: the group is identified by the cluster name.
            final AuthorizeSecurityGroupIngressRequest byName =
                    new AuthorizeSecurityGroupIngressRequest(envVariables.getDynomiteClusterName(), granted);
            ec2.authorizeSecurityGroupIngress(byName);
            logger.info("Done adding ACL to classic: " + StringUtils.join(listIPs, ","));
        } else {
            // VPC: look up the group id for the running instance's account.
            final AuthorizeSecurityGroupIngressRequest byId = new AuthorizeSecurityGroupIngressRequest();
            byId.withGroupId(getVpcGroupId());
            // Add the peers' IPs as ingress to the group the running instance belongs to.
            ec2.authorizeSecurityGroupIngress(byId.withIpPermissions(granted));
            logger.info("Done adding ACL to vpc: " + StringUtils.join(listIPs, ","));
        }
    } finally {
        // Release the client obtained for this call on every exit path.
        if (ec2 != null) {
            ec2.shutdown();
        }
    }
}
/**
 * Builds an {@link IpPermission} from a {@code Permission}: its CIDR notations become the
 * source ranges, its protocol value the IP protocol, and its single port both ends of the
 * port range.
 *
 * @param perm the permission to translate
 * @return a new {@link IpPermission} carrying the same ranges, protocol and port
 */
protected IpPermission getIpPermission(Permission perm) {
    // One port on the source side maps to a from/to range of width one.
    return new IpPermission()
            .withIpRanges(perm.getCidrNotations())
            .withIpProtocol(perm.getProtocol().getValue())
            .withFromPort(perm.getPort())
            .withToPort(perm.getPort());
}
/**
 * Authorizes ingress on a security group for one source range, protocol and port range.
 *
 * <p>The arguments are forwarded to the ingress request unchanged; this method performs no
 * validation of the range or ports, so restricting the source range is the caller's job.
 *
 * @param groupName  name of the security group to open
 * @param ipRanges   source range to allow, passed through as given
 * @param ipProtocol protocol of the rule (eg. tcp, udp)
 * @param fromPort   first port of the allowed range
 * @param toPort     last port of the allowed range
 */
public void addPermissionsToSecurityGroup(String groupName, String ipRanges, String ipProtocol,
                                          Integer fromPort, Integer toPort) {
    final AmazonEC2 ec2 = getEc2Client();

    final IpPermission rule = new IpPermission();
    rule.withIpRanges(ipRanges);
    rule.withIpProtocol(ipProtocol);
    rule.withFromPort(fromPort);
    rule.withToPort(toPort);

    final AuthorizeSecurityGroupIngressRequest ingressRequest = new AuthorizeSecurityGroupIngressRequest();
    ingressRequest.withGroupName(groupName);
    ingressRequest.withIpPermissions(rule);

    ec2.authorizeSecurityGroupIngress(ingressRequest);
    // Logged only after the call returns, so this line records a rule the API accepted.
    LOGGER.info("Added permissions: " + rule + " to security group: " + groupName);
}
/**
 * Authorizes ingress on a security group for one source range, protocol and port range.
 *
 * <p>The arguments are forwarded to the ingress request unchanged; this method performs no
 * validation of the range or ports, so restricting the source range is the caller's job.
 *
 * @param groupName  name of the security group to open
 * @param ipRanges   source range to allow, passed through as given
 * @param ipProtocol protocol of the rule (eg. tcp, udp)
 * @param fromPort   first port of the allowed range
 * @param toPort     last port of the allowed range
 */
public void addPermissionsToSecurityGroup(String groupName, String ipRanges, String ipProtocol,
                                          Integer fromPort, Integer toPort) {
    final AmazonEC2 ec2 = getEc2Client();

    final IpPermission rule = new IpPermission();
    rule.withIpRanges(ipRanges);
    rule.withIpProtocol(ipProtocol);
    rule.withFromPort(fromPort);
    rule.withToPort(toPort);

    final AuthorizeSecurityGroupIngressRequest ingressRequest = new AuthorizeSecurityGroupIngressRequest();
    ingressRequest.withGroupName(groupName);
    ingressRequest.withIpPermissions(rule);

    ec2.authorizeSecurityGroupIngress(ingressRequest);
    // Logged only after the call returns, so this line records a rule the API accepted.
    LOGGER.info("Added permissions: " + rule + " to security group: " + groupName);
}
.withToPort(endPort) .withIpProtocol(protocol) .withIpRanges(cidr); if (inbound) {
.withToPort(endPort) .withIpProtocol(protocol) .withIpRanges(cidr); try { if (inbound) {
// Upper bound of the port range is 22; the lower bound and protocol are set outside this excerpt.
ip.setToPort(22);
AuthorizeSecurityGroupIngressRequest r = new AuthorizeSecurityGroupIngressRequest();
// NOTE(review): 0.0.0.0/0 matches every IPv4 source, so this ingress rule is not limited by
// source address. If this range covers SSH (port 22), prefer a specific administrative CIDR
// instead of 0.0.0.0/0 — confirm against the rest of the method.
r = r.withIpPermissions(ip.withIpRanges("0.0.0.0/0"));
// The rule is applied to the group identified by g's group id.
r.setGroupId(g.getGroupId());
try {