module Terrafying::Components::Usable

Public Instance Methods

egress_security_group() click to toggle source
# File lib/terrafying/components/usable.rb, line 14
def egress_security_group
  @egress_security_group || @security_group
end
ingress_security_group() click to toggle source
# File lib/terrafying/components/usable.rb, line 10
def ingress_security_group
  @ingress_security_group || @security_group
end
path_mtu_setup!() click to toggle source
# File lib/terrafying/components/usable.rb, line 18
def path_mtu_setup!
  resource :aws_security_group_rule, "#{@name}-path-mtu".gsub(%r{^(\d)}, '_\1'),
           security_group_id: egress_security_group,
           type: 'ingress',
           protocol: 1, # icmp
           from_port: 3, # icmp type
           to_port: 4, # icmp code
           cidr_blocks: ['0.0.0.0/0']
end
pingable_by(*other_resources) click to toggle source
# File lib/terrafying/components/usable.rb, line 56
def pingable_by(*other_resources)
  other_resources.map do |other_resource|
    resource :aws_security_group_rule, "#{@name}-to-#{other_resource.name}-ping",
             security_group_id: ingress_security_group,
             type: 'ingress',
             protocol: 1, # icmp
             from_port: 8, # icmp type
             to_port: 0, # icmp code
             source_security_group_id: other_resource.egress_security_group

    resource :aws_security_group_rule, "#{@name}-to-#{other_resource.name}-pingv6",
             security_group_id: ingress_security_group,
             type: 'ingress',
             protocol: 58, # icmpv6
             from_port: 128, # icmp type
             to_port: 0, # icmp code
             source_security_group_id: other_resource.egress_security_group

    resource :aws_security_group_rule, "#{other_resource.name}-to-#{@name}-ping",
             security_group_id: other_resource.egress_security_group,
             type: 'egress',
             protocol: 1, # icmp
             from_port: 8, # icmp type
             to_port: 0, # icmp code
             source_security_group_id: ingress_security_group

    resource :aws_security_group_rule, "#{other_resource.name}-to-#{@name}-pingv6",
             security_group_id: other_resource.egress_security_group,
             type: 'egress',
             protocol: 58, # icmpv6
             from_port: 128, # icmp type
             to_port: 0, # icmp code
             source_security_group_id: ingress_security_group
  end
end
pingable_by_cidr(*cidrs) click to toggle source
# File lib/terrafying/components/usable.rb, line 28
def pingable_by_cidr(*cidrs)
  ident = Digest::SHA2.hexdigest cidrs.to_s

  resource :aws_security_group_rule, "#{@name}-to-#{ident}-ping",
           security_group_id: ingress_security_group,
           type: 'ingress',
           protocol: 1, # icmp
           from_port: 8, # icmp type
           to_port: 0, # icmp code
           cidr_blocks: cidrs
end
security_group() click to toggle source
# File lib/terrafying/components/usable.rb, line 6
def security_group
  @security_group
end
used_by(*other_resources, &block) click to toggle source
# File lib/terrafying/components/usable.rb, line 92
def used_by(*other_resources, &block)
  other_resources.map do |other_resource|
    @ports.select(&block).map.map do |port|
      resource :aws_security_group_rule, "#{@name}-to-#{other_resource.name}-#{port[:name]}".gsub(%r{^(\d)}, '_\1'),
               security_group_id: ingress_security_group,
               type: 'ingress',
               from_port: from_port(port[:upstream_port]),
               to_port: to_port(port[:upstream_port]),
               protocol: port[:type] == 'udp' ? 'udp' : 'tcp',
               source_security_group_id: other_resource.egress_security_group

      resource :aws_security_group_rule, "#{other_resource.name}-to-#{@name}-#{port[:name]}".gsub(%r{^(\d)}, '_\1'),
               security_group_id: other_resource.egress_security_group,
               type: 'egress',
               from_port: from_port(port[:downstream_port]),
               to_port: to_port(port[:downstream_port]),
               protocol: port[:type] == 'udp' ? 'udp' : 'tcp',
               source_security_group_id: ingress_security_group
    end
  end
end
used_by_cidr(*cidrs, &block) click to toggle source
# File lib/terrafying/components/usable.rb, line 40
def used_by_cidr(*cidrs, &block)
  cidrs.map do |cidr|
    cidr_ident = cidr.tr('./', '-')

    @ports.select(&block).map do |port|
      resource :aws_security_group_rule, "#{@name}-to-#{cidr_ident}-#{port[:name]}".gsub(%r{^(\d)}, '_\1'),
               security_group_id: ingress_security_group,
               type: 'ingress',
               from_port: from_port(port[:upstream_port]),
               to_port: to_port(port[:upstream_port]),
               protocol: port[:type] == 'udp' ? 'udp' : 'tcp',
               cidr_blocks: [cidr]
    end
  end
end