protected void authorizeGroupToItself(String region, String name) { logger.debug(">> authorizing securityGroup region(%s) name(%s) permission to itself", region, name); String myOwnerId = Iterables.get(securityClient.describeSecurityGroupsInRegion(region, name), 0).getOwnerId(); securityClient.authorizeSecurityGroupIngressInRegion(region, name, new UserIdGroupPair(myOwnerId, name)); logger.debug("<< authorized securityGroup(%s)", name); }
protected void authorizeGroupToItself(String region, String name) { logger.debug(">> authorizing securityGroup region(%s) name(%s) permission to itself", region, name); String myOwnerId = Iterables.get(securityClient.describeSecurityGroupsInRegion(region, name), 0).getOwnerId(); securityClient.authorizeSecurityGroupIngressInRegion(region, name, new UserIdGroupPair(myOwnerId, name)); logger.debug("<< authorized securityGroup(%s)", name); }
protected void authorizeGroupToItself(String region, String name) { logger.debug(">> authorizing securityGroup region(%s) name(%s) permission to itself", region, name); String myOwnerId = Iterables.get(securityClient.describeSecurityGroupsInRegion(region, name), 0).getOwnerId(); securityClient.authorizeSecurityGroupIngressInRegion(region, name, new UserIdGroupPair(myOwnerId, name)); logger.debug("<< authorized securityGroup(%s)", name); }
protected void authorizeGroupToItself(String region, String name) { logger.debug(">> authorizing securityGroup region(%s) name(%s) permission to itself", region, name); String myOwnerId = Iterables.get(securityClient.describeSecurityGroupsInRegion(region, name), 0).getOwnerId(); securityClient.authorizeSecurityGroupIngressInRegion(region, name, new UserIdGroupPair(myOwnerId, name)); logger.debug("<< authorized securityGroup(%s)", name); }
protected void authorizeGroupToItself(String region, String name) { logger.debug(">> authorizing securityGroup region(%s) name(%s) permission to itself", region, name); String myOwnerId = Iterables.get(securityClient.describeSecurityGroupsInRegion(region, name), 0).getOwnerId(); securityClient.authorizeSecurityGroupIngressInRegion(region, name, new UserIdGroupPair(myOwnerId, name)); logger.debug("<< authorized securityGroup(%s)", name); }
@Override public SecurityGroup addIpPermission(IpProtocol protocol, int startPort, int endPort, Multimap<String, String> tenantIdGroupNamePairs, Iterable<String> ipRanges, Iterable<String> groupIds, SecurityGroup group) { String region = AWSUtils.getRegionFromLocationOrNull(group.getLocation()); String name = group.getName(); if (!Iterables.isEmpty(ipRanges)) { for (String cidr : ipRanges) { client.getSecurityGroupApi().get(). authorizeSecurityGroupIngressInRegion(region, name, protocol, startPort, endPort, cidr); } } if (!tenantIdGroupNamePairs.isEmpty()) { for (String userId : tenantIdGroupNamePairs.keySet()) { for (String groupName : tenantIdGroupNamePairs.get(userId)) { client.getSecurityGroupApi().get(). authorizeSecurityGroupIngressInRegion(region, name, new UserIdGroupPair(userId, groupName)); } } } return getSecurityGroupById(new RegionAndName(region, group.getName()).slashEncode()); }
@Override public SecurityGroup removeIpPermission(IpProtocol protocol, int startPort, int endPort, Multimap<String, String> tenantIdGroupNamePairs, Iterable<String> ipRanges, Iterable<String> groupIds, SecurityGroup group) { String region = AWSUtils.getRegionFromLocationOrNull(group.getLocation()); String name = group.getName(); if (!Iterables.isEmpty(ipRanges)) { for (String cidr : ipRanges) { client.getSecurityGroupApi().get(). revokeSecurityGroupIngressInRegion(region, name, protocol, startPort, endPort, cidr); } } if (!tenantIdGroupNamePairs.isEmpty()) { for (String userId : tenantIdGroupNamePairs.keySet()) { for (String groupName : tenantIdGroupNamePairs.get(userId)) { client.getSecurityGroupApi().get(). revokeSecurityGroupIngressInRegion(region, name, new UserIdGroupPair(userId, groupName)); } } } return getSecurityGroupById(new RegionAndName(region, group.getName()).slashEncode()); }
@Override public SecurityGroup addIpPermission(IpProtocol protocol, int startPort, int endPort, Multimap<String, String> tenantIdGroupNamePairs, Iterable<String> ipRanges, Iterable<String> groupIds, SecurityGroup group) { String region = AWSUtils.getRegionFromLocationOrNull(group.getLocation()); String name = group.getName(); if (!Iterables.isEmpty(ipRanges)) { for (String cidr : ipRanges) { client.getSecurityGroupApi().get(). authorizeSecurityGroupIngressInRegion(region, name, protocol, startPort, endPort, cidr); } } if (!tenantIdGroupNamePairs.isEmpty()) { for (String userId : tenantIdGroupNamePairs.keySet()) { for (String groupName : tenantIdGroupNamePairs.get(userId)) { client.getSecurityGroupApi().get(). authorizeSecurityGroupIngressInRegion(region, name, new UserIdGroupPair(userId, groupName)); } } } return getSecurityGroupById(new RegionAndName(region, group.getName()).slashEncode()); }
@SuppressWarnings("unchecked") @Test public void testWhenPort22AndToItselfAuthorizesIngressTwice() throws ExecutionException { SecurityGroupClient client = createMock(SecurityGroupClient.class); Predicate<RegionAndName> tester = Predicates.alwaysTrue(); SecurityGroup group = createNiceMock(SecurityGroup.class); Set<SecurityGroup> groups = ImmutableSet.<SecurityGroup> of(group); client.createSecurityGroupInRegion("region", "group", "group"); client.authorizeSecurityGroupIngressInRegion("region", "group", IpProtocol.TCP, 22, 22, "0.0.0.0/0"); expect(client.describeSecurityGroupsInRegion("region", "group")).andReturn(Set.class.cast(groups)); expect(group.getOwnerId()).andReturn("ownerId"); client.authorizeSecurityGroupIngressInRegion("region", "group", new UserIdGroupPair("ownerId", "group")); replay(client); replay(group); CreateSecurityGroupIfNeeded function = new CreateSecurityGroupIfNeeded(client, tester); assertEquals("group", function.load(new RegionNameAndIngressRules("region", "group", new int[] { 22 }, true))); verify(client); verify(group); }
@SuppressWarnings("unchecked") @Test public void testWhenPort22AndToItselfAuthorizesIngressTwice() throws ExecutionException { SecurityGroupApi client = createMock(SecurityGroupApi.class); Predicate<RegionAndName> tester = Predicates.alwaysTrue(); SecurityGroup group = createNiceMock(SecurityGroup.class); Set<SecurityGroup> groups = ImmutableSet.<SecurityGroup> of(group); client.createSecurityGroupInRegion("region", "group", "group"); client.authorizeSecurityGroupIngressInRegion("region", "group", IpProtocol.TCP, 22, 22, "0.0.0.0/0"); expect(client.describeSecurityGroupsInRegion("region", "group")).andReturn(Set.class.cast(groups)); expect(group.getOwnerId()).andReturn("ownerId"); client.authorizeSecurityGroupIngressInRegion("region", "group", new UserIdGroupPair("ownerId", "group")); replay(client); replay(group); CreateSecurityGroupIfNeeded function = new CreateSecurityGroupIfNeeded(client, tester); assertEquals("group", function.load(new RegionNameAndIngressRules("region", "group", new int[] { 22 }, true, null))); verify(client); verify(group); }
public void testUserIdGroupPair() { UserIdGroupPair pair = new UserIdGroupPair("id", "group"); HttpRequest request = HttpRequest.builder().method("POST").endpoint("http://localhost").build(); request = binder.bindToRequest(request, pair); assertEquals(request.getPayload().getRawContent(), "SourceSecurityGroupOwnerId=id&SourceSecurityGroupName=group"); }
@Override public SecurityGroup addIpPermission(IpPermission ipPermission, SecurityGroup group) { String region = AWSUtils.getRegionFromLocationOrNull(group.getLocation()); String name = group.getName(); if (!ipPermission.getCidrBlocks().isEmpty()) { for (String cidr : ipPermission.getCidrBlocks()) { client.getSecurityGroupApi().get(). authorizeSecurityGroupIngressInRegion(region, name, ipPermission.getIpProtocol(), ipPermission.getFromPort(), ipPermission.getToPort(), cidr); } } if (!ipPermission.getTenantIdGroupNamePairs().isEmpty()) { for (String userId : ipPermission.getTenantIdGroupNamePairs().keySet()) { for (String groupName : ipPermission.getTenantIdGroupNamePairs().get(userId)) { client.getSecurityGroupApi().get(). authorizeSecurityGroupIngressInRegion(region, name, new UserIdGroupPair(userId, groupName)); } } } return getSecurityGroupById(new RegionAndName(region, group.getName()).slashEncode()); }
@Override public SecurityGroup removeIpPermission(IpPermission ipPermission, SecurityGroup group) { String region = AWSUtils.getRegionFromLocationOrNull(group.getLocation()); String name = group.getName(); if (!ipPermission.getCidrBlocks().isEmpty()) { for (String cidr : ipPermission.getCidrBlocks()) { client.getSecurityGroupApi().get(). revokeSecurityGroupIngressInRegion(region, name, ipPermission.getIpProtocol(), ipPermission.getFromPort(), ipPermission.getToPort(), cidr); } } if (!ipPermission.getTenantIdGroupNamePairs().isEmpty()) { for (String userId : ipPermission.getTenantIdGroupNamePairs().keySet()) { for (String groupName : ipPermission.getTenantIdGroupNamePairs().get(userId)) { client.getSecurityGroupApi().get(). revokeSecurityGroupIngressInRegion(region, name, new UserIdGroupPair(userId, groupName)); } } } return getSecurityGroupById(new RegionAndName(region, group.getName()).slashEncode()); }
@Override public SecurityGroup addIpPermission(IpPermission ipPermission, SecurityGroup group) { String region = AWSUtils.getRegionFromLocationOrNull(group.getLocation()); String name = group.getName(); if (!ipPermission.getCidrBlocks().isEmpty()) { for (String cidr : ipPermission.getCidrBlocks()) { client.getSecurityGroupApi().get(). authorizeSecurityGroupIngressInRegion(region, name, ipPermission.getIpProtocol(), ipPermission.getFromPort(), ipPermission.getToPort(), cidr); } } if (!ipPermission.getTenantIdGroupNamePairs().isEmpty()) { for (String userId : ipPermission.getTenantIdGroupNamePairs().keySet()) { for (String groupName : ipPermission.getTenantIdGroupNamePairs().get(userId)) { client.getSecurityGroupApi().get(). authorizeSecurityGroupIngressInRegion(region, name, new UserIdGroupPair(userId, groupName)); } } } return getSecurityGroupById(new RegionAndName(region, group.getName()).slashEncode()); }
public void testUserIdGroupPair() { UserIdGroupPair pair = new UserIdGroupPair("id", "group"); HttpRequest request = HttpRequest.builder().method("POST").endpoint("http://localhost").build(); request = binder.bindToRequest(request, pair); assertEquals(request.getPayload().getRawContent(), "SourceSecurityGroupOwnerId=id&SourceSecurityGroupName=group"); }
final SecurityGroup group = oneResult.iterator().next(); assertEquals(group.getName(), group1Name); final UserIdGroupPair to = new UserIdGroupPair(group.getOwnerId(), group1Name); client.authorizeSecurityGroupIngressInRegion(null, group2Name, to); assertEventually(new GroupHasPermission(client, group2Name, new Predicate<IpPermission>() { new UserIdGroupPair(group.getOwnerId(), group1Name)); assertEventually(new GroupHasNoPermissions(client, group2Name)); } finally {
public void testRevokeSecurityGroupIngressGroup() throws SecurityException, NoSuchMethodException, IOException { Invokable<?, ?> method = method(SecurityGroupAsyncClient.class, "revokeSecurityGroupIngressInRegion", String.class, String.class, UserIdGroupPair.class); GeneratedHttpRequest request = processor.createRequest(method, Lists.<Object> newArrayList(null, "group", new UserIdGroupPair("sourceUser", "sourceGroup"))); assertRequestLineEquals(request, "POST https://ec2.us-east-1.amazonaws.com/ HTTP/1.1"); assertNonPayloadHeadersEqual(request, "Host: ec2.us-east-1.amazonaws.com\n"); assertPayloadEquals( request, "Action=RevokeSecurityGroupIngress&GroupName=group&SourceSecurityGroupOwnerId=sourceUser&SourceSecurityGroupName=sourceGroup", "application/x-www-form-urlencoded", false); assertResponseParserClassEquals(method, request, ReleasePayloadAndReturn.class); assertSaxResponseParserClassEquals(method, null); assertFallbackClassEquals(method, null); checkFilters(request); }
public void testAuthorizeSecurityGroupIngressGroup() throws SecurityException, NoSuchMethodException, IOException { Invokable<?, ?> method = method(SecurityGroupAsyncClient.class, "authorizeSecurityGroupIngressInRegion", String.class, String.class, UserIdGroupPair.class); GeneratedHttpRequest request = processor.createRequest(method, Lists.<Object> newArrayList(null, "group", new UserIdGroupPair("sourceUser", "sourceGroup"))); assertRequestLineEquals(request, "POST https://ec2.us-east-1.amazonaws.com/ HTTP/1.1"); assertNonPayloadHeadersEqual(request, "Host: ec2.us-east-1.amazonaws.com\n"); assertPayloadEquals( request, "Action=AuthorizeSecurityGroupIngress&GroupName=group&SourceSecurityGroupOwnerId=sourceUser&SourceSecurityGroupName=sourceGroup", "application/x-www-form-urlencoded", false); assertResponseParserClassEquals(method, request, ReleasePayloadAndReturn.class); assertSaxResponseParserClassEquals(method, null); assertFallbackClassEquals(method, null); checkFilters(request); }
public void testRevokeSecurityGroupIngressGroup() throws SecurityException, NoSuchMethodException, IOException { Invokable<?, ?> method = method(SecurityGroupApi.class, "revokeSecurityGroupIngressInRegion", String.class, String.class, UserIdGroupPair.class); GeneratedHttpRequest request = processor.createRequest(method, Lists.<Object> newArrayList(null, "group", new UserIdGroupPair("sourceUser", "sourceGroup"))); assertRequestLineEquals(request, "POST https://ec2.us-east-1.amazonaws.com/ HTTP/1.1"); assertNonPayloadHeadersEqual(request, "Host: ec2.us-east-1.amazonaws.com\n"); assertPayloadEquals( request, "Action=RevokeSecurityGroupIngress&GroupName=group&SourceSecurityGroupOwnerId=sourceUser&SourceSecurityGroupName=sourceGroup", "application/x-www-form-urlencoded", false); assertResponseParserClassEquals(method, request, ReleasePayloadAndReturn.class); assertSaxResponseParserClassEquals(method, null); assertFallbackClassEquals(method, null); checkFilters(request); }
public void testAuthorizeSecurityGroupIngressGroup() throws SecurityException, NoSuchMethodException, IOException { Invokable<?, ?> method = method(SecurityGroupApi.class, "authorizeSecurityGroupIngressInRegion", String.class, String.class, UserIdGroupPair.class); GeneratedHttpRequest request = processor.createRequest(method, Lists.<Object> newArrayList(null, "group", new UserIdGroupPair("sourceUser", "sourceGroup"))); assertRequestLineEquals(request, "POST https://ec2.us-east-1.amazonaws.com/ HTTP/1.1"); assertNonPayloadHeadersEqual(request, "Host: ec2.us-east-1.amazonaws.com\n"); assertPayloadEquals( request, "Action=AuthorizeSecurityGroupIngress&GroupName=group&SourceSecurityGroupOwnerId=sourceUser&SourceSecurityGroupName=sourceGroup", "application/x-www-form-urlencoded", false); assertResponseParserClassEquals(method, request, ReleasePayloadAndReturn.class); assertSaxResponseParserClassEquals(method, null); assertFallbackClassEquals(method, null); checkFilters(request); }