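/**
 * Authorizes a single ingress rule on the named security group.
 *
 * <p>The CIDR ranges, protocol and port bounds are forwarded to EC2 exactly as supplied;
 * nothing in this method validates them, so restricting the ranges to the narrowest
 * set of sources that needs access is the caller's responsibility.
 *
 * <p>Any exception raised while sending the request is logged and not rethrown, so the
 * caller cannot tell from this method whether the rule was actually applied.
 *
 * @param name     name of the security group to modify
 * @param ipRanges CIDR ranges the rule applies to
 * @param protocol IP protocol of the rule
 * @param fromPort first port of the range
 * @param toPort   last port of the range
 */
@Override
public void addRules( final String name, final Collection<String> ipRanges, final String protocol,
                      final int fromPort, final int toPort ) {

    final IpPermission ipPermission = new IpPermission()
            .withIpRanges( ipRanges )
            .withIpProtocol( protocol )
            .withFromPort( fromPort )
            .withToPort( toPort );

    try {
        final AuthorizeSecurityGroupIngressRequest request = new AuthorizeSecurityGroupIngressRequest()
                .withGroupName( name )
                .withIpPermissions( ipPermission );

        client.authorizeSecurityGroupIngress( request );
    }
    catch ( Exception e ) {
        // Best-effort by design: the failure is recorded but not propagated.
        LOG.error( "Error while adding rule to security group: {}", name, e );
    }
}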
/**
 * Adds one ingress rule to a security group.
 *
 * <p>All arguments are handed to EC2 as given; this method does not validate the
 * range, protocol or ports.
 *
 * @param groupName  name of the security group that receives the rule
 * @param ipRanges   IP range the rule applies to
 * @param ipProtocol protocol type of the rule (e.g. tcp, udp)
 * @param fromPort   first port of the opened range
 * @param toPort     last port of the opened range
 */
public void addPermissionsToSecurityGroup(String groupName, String ipRanges, String ipProtocol, Integer fromPort, Integer toPort) {
    final AmazonEC2 ec2 = getEc2Client();

    // Describe the rule first so the same object can be logged afterwards.
    final IpPermission rule = new IpPermission();
    rule.withIpRanges(ipRanges);
    rule.withIpProtocol(ipProtocol);
    rule.withFromPort(fromPort);
    rule.withToPort(toPort);

    final AuthorizeSecurityGroupIngressRequest ingressRequest = new AuthorizeSecurityGroupIngressRequest();
    ingressRequest.withGroupName(groupName);
    ingressRequest.withIpPermissions(rule);

    ec2.authorizeSecurityGroupIngress(ingressRequest);
    LOGGER.info("Added permissions: " + rule + " to security group: " + groupName);
}
.withGroupName(group_name) .withIpPermissions(ip_perm, ip_perm2);
/**
 * Reconciles the ingress rules of an existing security group with the requested list.
 *
 * <p>Rules present on the group but missing from {@code permissions} are revoked, and
 * rules in {@code permissions} that the group lacks are authorized. The revoke call is
 * issued before the authorize call and the two are separate requests, so if the
 * authorize call throws after a successful revoke, the group is left without the
 * revoked rules and without the new ones.
 *
 * @param securityGroupName name of the group to update; must not be blank
 * @param permissions       the complete set of rules the group should end up with;
 *                          must not be null
 * @return the rules that were added, the rules that were removed, and the rules that
 *         were already in place
 */
@Override
public SetPermissionsResult setPermissions(String securityGroupName, List<Permission> permissions) {
    checkNotBlank(securityGroupName, "securityGroupName");
    checkNotNull(permissions, "permissions");

    Optional<SecurityGroup> lookup = getSecurityGroup(securityGroupName);
    checkState(lookup.isPresent(), "Security group [%s] does not exist", securityGroupName);

    // Snapshot the current and requested rule sets for comparison.
    Set<Permission> current = new HashSet<Permission>(getPermissions(lookup.get().getIpPermissions()));
    Set<Permission> requested = new HashSet<Permission>(permissions);

    Set<Permission> toAdd = SetUtils.difference(requested, current);
    Set<Permission> toRemove = SetUtils.difference(current, requested);
    Set<Permission> unchanged = SetUtils.intersection(requested, current);

    // Revoke rules the group has that the caller no longer wants.
    if (!toRemove.isEmpty()) {
        client.revokeSecurityGroupIngress(
                new RevokeSecurityGroupIngressRequest(securityGroupName, getIpPermissions(toRemove)));
    }

    // Authorize rules the caller wants that the group does not have yet.
    if (!toAdd.isEmpty()) {
        AuthorizeSecurityGroupIngressRequest authorize = new AuthorizeSecurityGroupIngressRequest()
                .withGroupName(securityGroupName)
                .withIpPermissions(getIpPermissions(toAdd));
        client.authorizeSecurityGroupIngress(authorize);
    }

    return new SetPermissionsResult(toAdd, toRemove, unchanged);
}
ec2.authorizeSecurityGroupIngress(new AuthorizeSecurityGroupIngressRequest() .withGroupId(groupId) .withGroupName(groupName) .withIpPermissions(parse(ipPermissions))); } catch (AmazonServiceException e) {
/**
 * Authorizes inbound traffic on a security group.
 *
 * <p>The range, protocol and ports are passed through unchanged; no validation is
 * done here before the request is sent.
 *
 * @param groupName  security group to modify
 * @param ipRanges   IP range to allow
 * @param ipProtocol protocol type to allow (e.g. tcp, udp)
 * @param fromPort   start of the port range to allow
 * @param toPort     end of the port range to allow
 */
public void addPermissionsToSecurityGroup(String groupName, String ipRanges, String ipProtocol, Integer fromPort, Integer toPort) {
    final AmazonEC2 client = getEc2Client();

    final IpPermission permission = new IpPermission().withIpRanges(ipRanges);
    permission.setIpProtocol(ipProtocol);
    permission.setFromPort(fromPort);
    permission.setToPort(toPort);

    client.authorizeSecurityGroupIngress(
            new AuthorizeSecurityGroupIngressRequest()
                    .withGroupName(groupName)
                    .withIpPermissions(permission));

    LOGGER.info("Added permissions: " + permission + " to security group: " + groupName);
}
/**
 * Opens a port range on a security group for the given source range and protocol.
 *
 * <p>Arguments are sent to EC2 as received; the method itself applies no checks to
 * them.
 *
 * @param groupName  the security group to open
 * @param ipRanges   the IP range to open it for
 * @param ipProtocol the protocol type to open (e.g. tcp, udp)
 * @param fromPort   the port at which the opened range starts
 * @param toPort     the port at which the opened range ends
 */
public void addPermissionsToSecurityGroup(String groupName, String ipRanges, String ipProtocol, Integer fromPort, Integer toPort) {
    final AmazonEC2 ec2Client = getEc2Client();

    final IpPermission ingressRule = new IpPermission()
            .withIpRanges(ipRanges)
            .withIpProtocol(ipProtocol)
            .withFromPort(fromPort)
            .withToPort(toPort);

    final AuthorizeSecurityGroupIngressRequest authorizeRequest = new AuthorizeSecurityGroupIngressRequest();
    authorizeRequest.withGroupName(groupName).withIpPermissions(ingressRule);
    ec2Client.authorizeSecurityGroupIngress(authorizeRequest);

    // Logged only after the call returns, so the line records a rule that was accepted.
    final String summary = "Added permissions: " + ingressRule + " to security group: " + groupName;
    LOGGER.info(summary);
}