Example usage for com.amazonaws.services.ec2 AmazonEC2 revokeSecurityGroupIngress

List of usage examples for com.amazonaws.services.ec2 AmazonEC2 revokeSecurityGroupIngress

Introduction

This page collects usage examples for com.amazonaws.services.ec2 AmazonEC2 revokeSecurityGroupIngress.

Prototype

/**
 * Removes the specified ingress rules from a security group.
 *
 * @param revokeSecurityGroupIngressRequest request naming the security group and the
 *        ingress rules to remove
 * @return the result object for the revoke call
 */
RevokeSecurityGroupIngressResult revokeSecurityGroupIngress(
        RevokeSecurityGroupIngressRequest revokeSecurityGroupIngressRequest);


Document

Removes the specified ingress rules from a security group.

Usage

From source file:c3.ops.priam.aws.AWSMembership.java

License:Apache License

/**
 * Revokes TCP ingress for a list of IP ranges from the ACL security group.
 *
 * <p>One {@link IpPermission} covering ports {@code from}..{@code to} is built for
 * {@code listIPs} and revoked from the group named by {@code config.getACLGroupName()}.
 * The client returned by {@code getEc2Client()} is shut down before this method returns,
 * whether or not the revoke call succeeded. SDK exceptions are not caught here, and the
 * completion message is logged only after the revoke call has returned.
 *
 * <p>NOTE(review): {@code listIPs} is passed through unvalidated; presumably the entries
 * are CIDR strings - confirm at the caller.
 * <p>NOTE(review): revoking a rule may not interrupt connections that were already
 * established under it - confirm whether callers expect an immediate cut-off.
 *
 * @param listIPs IP ranges whose ingress rule is removed
 * @param from    first port of the rule's port range
 * @param to      last port of the rule's port range
 */
public void removeACL(Collection<String> listIPs, int from, int to) {
    AmazonEC2 ec2 = null;
    try {
        ec2 = getEc2Client();

        List<IpPermission> revoked = new ArrayList<IpPermission>();
        IpPermission tcpRule = new IpPermission()
                .withIpProtocol("tcp")
                .withFromPort(from)
                .withToPort(to)
                .withIpRanges(listIPs);
        revoked.add(tcpRule);

        RevokeSecurityGroupIngressRequest request =
                new RevokeSecurityGroupIngressRequest(config.getACLGroupName(), revoked);
        ec2.revokeSecurityGroupIngress(request);

        logger.info("Done removing from ACL: " + StringUtils.join(listIPs, ","));
    } finally {
        // Always release the client, including when the revoke call throws.
        if (ec2 != null) {
            ec2.shutdown();
        }
    }
}

From source file:com.axemblr.provisionr.amazon.activities.EnsureSecurityGroupExists.java

License:Apache License

/**
 * Revokes the given ingress permissions from the security group with the given name.
 *
 * <p>An empty permission set is a no-op: nothing is logged and no request is sent.
 * Otherwise the permissions and group name are logged at info level before the call.
 *
 * @param client        EC2 client used to send the revoke request
 * @param groupName     name of the security group to modify
 * @param ipPermissions ingress permissions to revoke
 */
private void revokeIngressRules(AmazonEC2 client, String groupName, Set<IpPermission> ipPermissions) {
    if (ipPermissions.isEmpty()) {
        // Nothing to revoke, so skip the API call entirely.
        return;
    }

    LOG.info(">> Revoking Security Group Ingress Rules: {} for {}", ipPermissions, groupName);

    RevokeSecurityGroupIngressRequest revokeRequest = new RevokeSecurityGroupIngressRequest();
    revokeRequest.withGroupName(groupName);
    revokeRequest.withIpPermissions(ipPermissions);
    client.revokeSecurityGroupIngress(revokeRequest);
}

From source file:com.netflix.dynomitemanager.sidecore.aws.AWSMembership.java

License:Apache License

/**
 * Revokes TCP ingress for a list of IP ranges from the running instance's security group.
 *
 * <p>In a classic environment ({@code insEnvIdentity.isClassic()}) the group is addressed
 * by the name from {@code config.getACLGroupName()}; otherwise it is addressed by the id
 * from {@code getVpcGroupId()}. The client from {@code getEc2Client()} is shut down before
 * returning, and SDK exceptions are not caught here.
 *
 * <p>NOTE(review): {@code listIPs} is passed through unvalidated; presumably the entries
 * are CIDR strings - confirm at the caller.
 *
 * @param listIPs IP ranges whose ingress rule is removed
 * @param from    first port of the rule's port range
 * @param to      last port of the rule's port range
 */
public void removeACL(Collection<String> listIPs, int from, int to) {
    AmazonEC2 ec2 = null;
    try {
        ec2 = getEc2Client();

        IpPermission tcpRule = new IpPermission()
                .withIpProtocol("tcp")
                .withFromPort(from)
                .withToPort(to)
                .withIpRanges(listIPs);
        List<IpPermission> revoked = new ArrayList<IpPermission>();
        revoked.add(tcpRule);

        RevokeSecurityGroupIngressRequest request;
        String doneMessage;
        if (this.insEnvIdentity.isClassic()) {
            // Classic: the group is identified by its name.
            request = new RevokeSecurityGroupIngressRequest(config.getACLGroupName(), revoked);
            doneMessage = "Done removing from ACL within classic env for running instance: ";
        } else {
            // VPC: fetch the SG id for the vpc account of the running instance,
            // then revoke the peers' IPs from that group.
            request = new RevokeSecurityGroupIngressRequest()
                    .withGroupId(getVpcGroupId())
                    .withIpPermissions(revoked);
            doneMessage = "Done removing from ACL within vpc env for running instance: ";
        }

        ec2.revokeSecurityGroupIngress(request);
        logger.info(doneMessage + StringUtils.join(listIPs, ","));
    } finally {
        // Always release the client, including when the revoke call throws.
        if (ec2 != null) {
            ec2.shutdown();
        }
    }
}

From source file:com.urbancode.terraform.tasks.aws.helpers.AWSHelper.java

License:Apache License

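/**
 * Deletes one rule from a security group, either inbound (ingress) or outbound (egress).
 *
 * <p>A service error with code {@code InvalidGroup.NotFound} is logged and suppressed;
 * every other {@link AmazonServiceException} is logged and rethrown.
 *
 * @param groupId   id of the security group to modify
 * @param protocol  IP protocol of the rule
 * @param startPort first port of the rule's port range
 * @param endPort   last port of the rule's port range
 * @param cidr      IP range of the rule
 * @param inbound   {@code true} to revoke an ingress rule, {@code false} for an egress rule
 * @param ec2Client EC2 client used to send the request
 * @throws AmazonServiceException for any service error other than {@code InvalidGroup.NotFound}
 */
public void deleteRuleForSecurityGroup(String groupId, String protocol, int startPort, int endPort, String cidr,
        boolean inbound, AmazonEC2 ec2Client) {

    IpPermission perm = new IpPermission().withFromPort(startPort).withToPort(endPort).withIpProtocol(protocol)
            .withIpRanges(cidr);
    try {
        if (inbound) {
            RevokeSecurityGroupIngressRequest request = new RevokeSecurityGroupIngressRequest()
                    .withGroupId(groupId).withIpPermissions(perm);
            ec2Client.revokeSecurityGroupIngress(request);
        } else {
            RevokeSecurityGroupEgressRequest request = new RevokeSecurityGroupEgressRequest()
                    .withGroupId(groupId).withIpPermissions(perm);
            ec2Client.revokeSecurityGroupEgress(request);
        }
    } catch (AmazonServiceException e) {
        // Log the exception itself, not just the group id: the service error code and
        // message are needed to tell later why a rule was left in place.
        log.error("Failed to delete Rule on Security Group " + groupId, e);
        // A group that no longer exists has no rule left to delete, so only that case is suppressed.
        if (!"InvalidGroup.NotFound".equals(e.getErrorCode())) {
            throw e;
        }
    }
}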

From source file:jp.classmethod.aws.gradle.ec2.AmazonEC2RevokeSecurityGroupIngressTask.java

License:Apache License

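/**
 * Task action: revokes the configured ingress permissions from the security group
 * identified by {@code groupId}.
 *
 * <p>A service error with code {@code InvalidPermission.NotFound} is logged as a warning
 * and the task continues; any other {@link AmazonServiceException} is rethrown.
 *
 * <p>NOTE(review): {@code InvalidPermission.NotFound} only shows that no rule matched the
 * given permissions; it does not by itself prove the intended access is closed. Consider
 * checking the group's remaining rules when this warning appears.
 *
 * @throws GradleException if {@code groupId} or {@code ipPermissions} is not specified
 */
@TaskAction
public void revokeIngress() {
    // to enable conventionMappings feature
    String groupId = getGroupId();
    Object ipPermissions = getIpPermissions();

    if (groupId == null) {
        throw new GradleException("groupId is not specified");
    }
    if (ipPermissions == null) {
        throw new GradleException("ipPermissions is not specified");
    }

    AmazonEC2PluginExtension ext = getProject().getExtensions().getByType(AmazonEC2PluginExtension.class);
    AmazonEC2 ec2 = ext.getClient();

    try {
        ec2.revokeSecurityGroupIngress(new RevokeSecurityGroupIngressRequest().withGroupId(groupId)
                .withIpPermissions(parse(ipPermissions)));
    } catch (AmazonServiceException e) {
        // Constant-first comparison: a null error code must not raise a
        // NullPointerException that hides the original service error.
        if ("InvalidPermission.NotFound".equals(e.getErrorCode())) {
            getLogger().warn(e.getMessage());
        } else {
            throw e;
        }
    }
}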

From source file:org.xmlsh.aws.gradle.ec2.AmazonEC2RevokeSecurityGroupIngressTask.java

License:BSD License

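/**
 * Task action: revokes the configured ingress permissions from the security group
 * identified by {@code groupId}.
 *
 * <p>When the service reports {@code InvalidPermission.NotFound}, the message is logged
 * as a warning and the task completes normally; every other
 * {@link AmazonServiceException} propagates to the caller.
 *
 * <p>NOTE(review): a suppressed {@code InvalidPermission.NotFound} means no rule matched
 * the request, which is not the same as confirming that the access is closed. Consider
 * verifying the group's rules when the warning is emitted.
 *
 * @throws GradleException if {@code groupId} or {@code ipPermissions} is not specified
 */
@TaskAction
public void revokeIngress() {
    // to enable conventionMappings feature
    String groupId = getGroupId();
    Object ipPermissions = getIpPermissions();

    if (groupId == null) {
        throw new GradleException("groupId is not specified");
    }
    if (ipPermissions == null) {
        throw new GradleException("ipPermissions is not specified");
    }

    AmazonEC2PluginExtension ext = getProject().getExtensions().getByType(AmazonEC2PluginExtension.class);
    AmazonEC2 ec2 = ext.getClient();

    try {
        ec2.revokeSecurityGroupIngress(new RevokeSecurityGroupIngressRequest().withGroupId(groupId)
                .withIpPermissions(parse(ipPermissions)));
    } catch (AmazonServiceException e) {
        // Compare from the literal so that an exception carrying no error code is
        // rethrown as-is instead of being replaced by a NullPointerException.
        if ("InvalidPermission.NotFound".equals(e.getErrorCode())) {
            getLogger().warn(e.getMessage());
        } else {
            throw e;
        }
    }
}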