Example usage for com.amazonaws.services.ec2 AmazonEC2Client revokeSecurityGroupIngress

Introduction

In this page you can find the example usage for com.amazonaws.services.ec2 AmazonEC2Client revokeSecurityGroupIngress.

Prototype

@Override
public RevokeSecurityGroupIngressResult revokeSecurityGroupIngress(RevokeSecurityGroupIngressRequest request) 

Source Link

Document

Removes the specified ingress rules from a security group.

Usage

From source file:com.jaspersoft.jasperserver.api.engine.jasperreports.util.AwsDataSourceRecovery.java

License:Open Source License

private String recoverVpcSecurityGroup(AwsReportDataSource awsReportDataSource, String vpcId,
        String ingressPublicIp) {
    AWSCredentials awsCredentials = AwsCredentialUtil.getAWSCredentials(awsReportDataSource.getAWSAccessKey(),
            awsReportDataSource.getAWSSecretKey(), awsReportDataSource.getRoleARN());
    //Security//from  w  ww .  j  a v  a2s .c om
    AmazonEC2Client amazonEc2Client = new AmazonEC2Client(awsCredentials);

    SecurityGroup vpcSecurityGroup = null;
    try {
        DescribeSecurityGroupsResult describeSecurityGroupsResult = amazonEc2Client.describeSecurityGroups();
        if (describeSecurityGroupsResult != null && describeSecurityGroupsResult.getSecurityGroups() != null
                && describeSecurityGroupsResult.getSecurityGroups().size() > 0) {
            for (SecurityGroup securityGroup : describeSecurityGroupsResult.getSecurityGroups()) {
                if (securityGroup.getVpcId() != null && securityGroup.getVpcId().equals(vpcId)
                        && securityGroup.getGroupName().equals(awsProperties.getSecurityGroupName())) {
                    vpcSecurityGroup = securityGroup;
                    break;
                }
            }
        }
    } catch (Exception ex) {
        //Have to be empty.
    }

    boolean ingressIpMaskExist = false;
    String vpcSecurityGroupId;
    if (vpcSecurityGroup != null) {
        vpcSecurityGroupId = vpcSecurityGroup.getGroupId();

        List<IpPermission> ipPermissions = vpcSecurityGroup.getIpPermissions();
        if (ipPermissions != null && ipPermissions.size() > 0) {
            for (IpPermission ipPermission : ipPermissions) {
                if (ipPermission.getIpRanges() != null && ipPermission.getIpRanges().size() > 0
                        && ipPermission.getIpRanges().contains(ingressPublicIp)) {
                    ingressIpMaskExist = true;
                }
            }
        }
        if (!ingressIpMaskExist && ipPermissions != null && ipPermissions.size() > 0) {
            RevokeSecurityGroupIngressRequest revokeSecurityGroupIngressRequest = new RevokeSecurityGroupIngressRequest()
                    .withGroupId(vpcSecurityGroup.getGroupId()).withIpPermissions()
                    .withIpPermissions(vpcSecurityGroup.getIpPermissions());
            amazonEc2Client.revokeSecurityGroupIngress(revokeSecurityGroupIngressRequest);
        }
    } else {
        vpcSecurityGroupId = amazonEc2Client
                .createSecurityGroup(
                        new CreateSecurityGroupRequest().withGroupName(awsProperties.getSecurityGroupName())
                                .withVpcId(vpcId).withDescription(awsProperties.getSecurityGroupDescription()))
                .getGroupId();
    }

    if (!ingressIpMaskExist) {
        IpPermission ipPermission = new IpPermission().withIpProtocol("tcp").withIpRanges(ingressPublicIp)
                .withFromPort(0).withToPort(65535);
        List<IpPermission> ipPermissions = new ArrayList<IpPermission>();
        ipPermissions.add(ipPermission);
        AuthorizeSecurityGroupIngressRequest authorizeRequest = new AuthorizeSecurityGroupIngressRequest()
                .withIpPermissions(ipPermissions).withGroupId(vpcSecurityGroupId);
        amazonEc2Client.authorizeSecurityGroupIngress(authorizeRequest);
    }

    return vpcSecurityGroupId;
}

---