class Cumulus::SecurityGroups::RuleDiff

Public: Represents a single difference between local rule configuration and AWS configuration of security group rules

Public Class Methods

added(local)

Public: Static method that will produce a diff that contains an added rule

local - the local configuration that was added

Returns the diff

# File lib/security/models/RuleDiff.rb, line 23
def RuleDiff.added(local)
  RuleDiff.new(ADD, nil, local)
end

removed(aws)

Public: Static method that will produce a diff that contains a removed rule

aws - the AWS configuration that was removed

Returns the diff

# File lib/security/models/RuleDiff.rb, line 32
def RuleDiff.removed(aws)
  RuleDiff.new(REMOVED, aws)
end

Public Instance Methods

to_s()

# File lib/security/models/RuleDiff.rb, line 36
def to_s
  case @type
  when ADD
    Colors.added("#{to_readable(local)}")
  when REMOVED
    Colors.removed("#{to_readable(aws)}")
  end
end

Private Instance Methods

to_readable(config)

Internal: Produce a human readable string from a config hash

config - the config to process

Returns the human readable string

# File lib/security/models/RuleDiff.rb, line 52
def to_readable(config)
  # yes, for real, AWS returns the STRING "-1" if all protocols are allowed
  protocol = if config.protocol == "-1" then "All" else config.protocol end
  allowed = (config.security_groups + config.subnets).join(", ")
  allowed = "all addresses" if allowed == "0.0.0.0/0"

  temp = "Allowed: #{allowed}, Protocol: #{protocol}, "
  if protocol.downcase == "icmp"
    temp << "Type: #{config.from}, Code: #{config.to}"
  elsif config.from != config.to
    temp << "Ports: #{config.from}-#{config.to}"
  elsif config.from.nil?
    temp << "Ports: all"
  else
    temp << "Port: #{config.from}"
  end
  temp
end
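
An added example (not Cumulus code) showing how added/removed diffs like the ones above can be produced by comparing local rules with the rules AWS reports, and how to pick out the diffs that involve 0.0.0.0/0. Rule, Diff, diff_rules and world_open are hypothetical stand-ins; only the field names (protocol, from, to, security_groups, subnets) come from to_readable, and the sample rules are constructed.

```ruby
# Added example: stand-ins for the Cumulus classes, not the project's code.
# Field names mirror the ones to_readable reads; everything else is assumed.
Rule = Struct.new(:protocol, :from, :to, :security_groups, :subnets)

# Minimal stand-in for RuleDiff: a type plus the aws or local rule it wraps.
Diff = Struct.new(:type, :aws, :local) do
  def self.added(local)
    new(:add, nil, local)
  end

  def self.removed(aws)
    new(:removed, aws, nil)
  end

  # The rule this diff is about, whichever side it came from.
  def rule
    type == :add ? local : aws
  end
end

# One Diff per rule present on only one side. Struct equality is by value,
# so Array#- behaves as a set difference over whole rules.
def diff_rules(local_rules, aws_rules)
  (local_rules - aws_rules).map { |r| Diff.added(r) } +
    (aws_rules - local_rules).map { |r| Diff.removed(r) }
end

# Diffs whose rule admits any address. Checks membership, because to_readable
# only prints "all addresses" when 0.0.0.0/0 is the sole allowed entry.
def world_open(diffs)
  diffs.select { |d| d.rule.subnets.include?("0.0.0.0/0") }
end

# Constructed sample data.
LOCAL = [
  Rule.new("tcp", 443, 443, [], ["0.0.0.0/0"]),
  Rule.new("tcp", 22, 22, [], ["10.0.0.0/8"])
]
AWS = [
  Rule.new("tcp", 443, 443, [], ["0.0.0.0/0"]),
  Rule.new("-1", nil, nil, [], ["0.0.0.0/0"]) # drift: all protocols, any address
]

DIFFS = diff_rules(LOCAL, AWS)
world_open(DIFFS).each { |d| puts "#{d.type}: #{d.rule.to_a.inspect}" }
```

A :removed diff returned by world_open is a rule that exists in AWS but not in local configuration, which is the case to review first when auditing drift.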