class Stax::Cmd::Sg

Public Instance Methods

authorize(id) click to toggle source
# File lib/stax/mixin/sg.rb, line 82
def authorize(id)
  Aws::Sg.authorize(get_id(id), options.fetch(:cidr, get_my_ip), options[:port])
end
get_id(id) click to toggle source
# File lib/stax/mixin/sg.rb, line 32
def get_id(id)
  id.match(/^sg-\h{8}$/) ? id : Aws::Cfn.id(my.stack_name, id)
end
get_my_ip() click to toggle source

lookup my IP as a CIDR

# File lib/stax/mixin/sg.rb, line 50
def get_my_ip
  open('http://v4.ident.me/').read + '/32'
end
inbound() click to toggle source
# File lib/stax/mixin/sg.rb, line 64
def inbound
  stack_security_groups.each do |s|
    debug("Inbound permissions for #{s.logical_resource_id} #{s.physical_resource_id}")
    print_table sg_permissions(stack_security_group(s.physical_resource_id).first.ip_permissions)
  end
end
ls() click to toggle source
# File lib/stax/mixin/sg.rb, line 57
def ls
  print_table Aws::Sg.describe(stack_security_groups.map(&:physical_resource_id)).map { |s|
    [s.group_name, s.group_id, s.vpc_id, s.description]
  }
end
outbound() click to toggle source
# File lib/stax/mixin/sg.rb, line 72
def outbound
  stack_security_groups.each do |s|
    debug("Outbound permissions for #{s.logical_resource_id} #{s.physical_resource_id}")
    print_table sg_permissions(stack_security_group(s.physical_resource_id).first.ip_permissions_egress)
  end
end
revoke(id) click to toggle source
# File lib/stax/mixin/sg.rb, line 89
def revoke(id)
  Aws::Sg.revoke(get_id(id), options.fetch(:cidr, get_my_ip), options[:port])
end
sg_permissions(perms) click to toggle source

format permissions output

# File lib/stax/mixin/sg.rb, line 41
def sg_permissions(perms)
  perms.map do |p|
    proto = (p.ip_protocol == '-1') ? 'all' : p.ip_protocol
    port = ((p.from_port == p.to_port) ? p.from_port : [p.from_port, p.to_port].join('-')) || 'all'
    [proto, port, p.ip_ranges.map(&:cidr_ip).join(','), p.user_id_group_pairs.map(&:group_id).join(',')]
  end
end
stack_security_group(id) click to toggle source
# File lib/stax/mixin/sg.rb, line 36
def stack_security_group(id)
  Aws::Sg.describe(get_id(id))
end
stack_security_groups() click to toggle source
# File lib/stax/mixin/sg.rb, line 28
def stack_security_groups
  Aws::Cfn.resources_by_type(my.stack_name, 'AWS::EC2::SecurityGroup')
end