class Stax::Cmd::Sg
Public Instance Methods
get_id(id)
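# File lib/stax/mixin/sg.rb, line 32
# Resolve +id+ to a security group id.
#
# A value that already has the form of a physical group id (+sg-+ followed by
# 8 or 17 hex digits, the two lengths EC2 issues) is returned as given.
# Anything else is passed to Aws::Cfn.id together with this stack's name.
#
# The pattern is anchored with \A and \z so the whole string has to match.
# ^ and $ match at every line break, so a multi-line value that merely
# contains an sg-like line would otherwise be handed to the EC2 API unchanged.
#
# @param id [String] physical group id, or a name to look up in the stack
# @return the id itself, or whatever Aws::Cfn.id returns for it
def get_id(id)
  return id if id.match(/\Asg-(?:\h{8}|\h{17})\z/)

  Aws::Cfn.id(my.stack_name, id)
end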
get_my_ip()
Look up my public IPv4 address and return it as a /32 CIDR
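# File lib/stax/mixin/sg.rb, line 50
# Look up the caller's public IPv4 address and return it as a /32 CIDR.
#
# revoke uses this value as the default CIDR of a security-group rule, so the
# response is treated as untrusted input: it is fetched over HTTPS rather than
# cleartext HTTP, stripped of surrounding whitespace, and must be a dotted-quad
# IPv4 address before it is turned into a CIDR.
#
# @return [String] the address followed by "/32"
# @raise [RuntimeError] when the service returns anything but an IPv4 address
def get_my_ip
  # NOTE(review): Kernel#open accepts a URL only while open-uri is loaded, and
  # not at all from Ruby 3.0 on (URI.open is needed there).
  answer = open('https://v4.ident.me/').read.strip
  octets = answer.match(/\A(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\z/)
  valid = octets && octets.captures.all? { |octet| octet.to_i <= 255 }
  # Truncate what is echoed back so an oversized reply cannot flood the terminal.
  raise "unexpected response from v4.ident.me: #{answer[0, 40].inspect}" unless valid

  answer + '/32'
end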
inbound()
# File lib/stax/mixin/sg.rb, line 64
# Print the inbound (ingress) rules of every security group in the stack.
#
# For each group a debug line with its logical and physical id is emitted,
# followed by a table built by sg_permissions from the group's ip_permissions.
def inbound
  stack_security_groups.each do |s|
    debug("Inbound permissions for #{s.logical_resource_id} #{s.physical_resource_id}")
    # The lookup returns a collection; only its first entry is shown.
    group = stack_security_group(s.physical_resource_id).first
    rows = sg_permissions(group.ip_permissions)
    print_table(rows)
  end
end
ls()
# File lib/stax/mixin/sg.rb, line 57
# Print a table of the stack's security groups: name, group id, VPC id and
# description, one row per group returned by Aws::Sg.describe.
def ls
  group_ids = stack_security_groups.map(&:physical_resource_id)
  rows = Aws::Sg.describe(group_ids).map do |group|
    [group.group_name, group.group_id, group.vpc_id, group.description]
  end
  print_table(rows)
end
outbound()
# File lib/stax/mixin/sg.rb, line 72
# Print the outbound (egress) rules of every security group in the stack.
#
# For each group a debug line with its logical and physical id is emitted,
# followed by a table built by sg_permissions from the group's
# ip_permissions_egress.
def outbound
  stack_security_groups.each do |s|
    debug("Outbound permissions for #{s.logical_resource_id} #{s.physical_resource_id}")
    # The lookup returns a collection; only its first entry is shown.
    group = stack_security_group(s.physical_resource_id).first
    rows = sg_permissions(group.ip_permissions_egress)
    print_table(rows)
  end
end
revoke(id)
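# File lib/stax/mixin/sg.rb, line 89
# Revoke a rule from the security group named by +id+.
#
# The CIDR comes from the :cidr option; only when that option is absent is the
# caller's own address looked up with get_my_ip. The default is given as a
# block so that an explicit :cidr never triggers the lookup: a positional
# default is evaluated on every call, which would contact the external
# IP-lookup service (and fail when it is unreachable) even though its answer
# is discarded.
#
# @param id [String] physical group id, or a name resolved by get_id
def revoke(id)
  Aws::Sg.revoke(get_id(id), options.fetch(:cidr) { get_my_ip }, options[:port])
end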
sg_permissions(perms)
format permissions output
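# File lib/stax/mixin/sg.rb, line 41
# Turn a list of permission objects into table rows of
# [protocol, port, CIDRs, source group ids].
#
# * protocol '-1' is shown as 'all'
# * equal from/to ports are shown once, or as 'all' when both are nil;
#   differing ports are shown as "from-to"
# * CIDRs and group ids are comma-joined
#
# IPv6 ranges are appended to the CIDR column when the permission object
# exposes them. Without this, a rule that only has IPv6 sources (including a
# world-open ::/0) would print with an empty CIDR column and be easy to miss
# when auditing the output. Prefix-list sources are still not shown.
#
# @param perms [Enumerable] permission objects responding to ip_protocol,
#   from_port, to_port, ip_ranges and user_id_group_pairs
# @return [Array<Array>] one four-element row per permission
def sg_permissions(perms)
  perms.map do |perm|
    proto = perm.ip_protocol == '-1' ? 'all' : perm.ip_protocol
    port =
      if perm.from_port == perm.to_port
        perm.from_port || 'all'
      else
        [perm.from_port, perm.to_port].join('-')
      end
    cidrs = perm.ip_ranges.map(&:cidr_ip)
    # Guarded so objects without the IPv6 member keep working.
    cidrs += Array(perm.ipv_6_ranges).map(&:cidr_ipv_6) if perm.respond_to?(:ipv_6_ranges)
    [proto, port, cidrs.join(','), perm.user_id_group_pairs.map(&:group_id).join(',')]
  end
end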
stack_security_group(id)
# File lib/stax/mixin/sg.rb, line 36
# Describe one security group.
#
# +id+ is first resolved with get_id, then passed to Aws::Sg.describe, whose
# result is returned as is (callers in this class take +.first+ of it).
def stack_security_group(id)
  group_id = get_id(id)
  Aws::Sg.describe(group_id)
end
stack_security_groups()
# File lib/stax/mixin/sg.rb, line 28
# Return the resources of type AWS::EC2::SecurityGroup that
# Aws::Cfn.resources_by_type reports for this stack.
def stack_security_groups
  resource_type = 'AWS::EC2::SecurityGroup'
  Aws::Cfn.resources_by_type(my.stack_name, resource_type)
end