Example usage for com.amazonaws.services.ec2.model AuthorizeSecurityGroupIngressRequest setCidrIp

List of usage examples for com.amazonaws.services.ec2.model AuthorizeSecurityGroupIngressRequest setCidrIp

Introduction

This page collects example usages of com.amazonaws.services.ec2.model AuthorizeSecurityGroupIngressRequest setCidrIp.

Prototype


public void setCidrIp(String cidrIp) 


Document

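The IPv4 address range, in CIDR format. On an ingress request this is the set of source addresses the rule admits, so a value of 0.0.0.0/0 admits every IPv4 address.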

Usage

From source file:org.apache.stratos.aws.extension.AWSHelper.java

License:Apache License

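/**
 * Ensures the security group has an inbound rule that lets clients reach the
 * load balancer on the given port with the given protocol. The port should
 * be a proxy port mentioned in the port mappings of the cartridge.
 *
 * <p>The source range of the rule is always
 * {@code allowedCidrIpForLBSecurityGroup}; callers cannot narrow it per
 * call. Review that value where it is configured: a range such as
 * 0.0.0.0/0 admits every IPv4 address to the port.
 *
 * <p>The group's current rules are read first so that a rule which already
 * exists is not requested again. If that lookup fails, the failure is logged
 * and the rule is requested anyway.
 *
 * @param groupId  id of the security group to which the rule is added
 * @param region   region of the security group; it is substituted into
 *                 {@code Constants.EC2_ENDPOINT_URL_FORMAT}
 * @param protocol protocol with which the load balancer can be accessed
 * @param port     port at which the load balancer can be accessed; used as
 *                 both the start and the end of the rule's port range
 * @throws LoadBalancerExtensionException if {@code groupId} is null or
 *                 empty, or if the authorize call fails
 */
public void addInboundRuleToSecurityGroup(String groupId, String region, String protocol, int port)
        throws LoadBalancerExtensionException {
    if (groupId == null || groupId.isEmpty()) {
        throw new LoadBalancerExtensionException(
                "Invalid security group Id for addInboundRuleToSecurityGroup.");
    }

    List<String> groupIds = new ArrayList<String>();
    groupIds.add(groupId);

    DescribeSecurityGroupsRequest describeSecurityGroupsRequest = new DescribeSecurityGroupsRequest();
    describeSecurityGroupsRequest.setGroupIds(groupIds);

    SecurityGroup securityGroup = null;

    try {
        // NOTE(review): region is formatted into the endpoint URL without any
        // check here, and setEndpoint() changes the shared ec2Client. Confirm
        // that callers pass only known region names and that this client is
        // not used from several threads at once.
        ec2Client.setEndpoint(String.format(Constants.EC2_ENDPOINT_URL_FORMAT, region));

        DescribeSecurityGroupsResult describeSecurityGroupsResult = ec2Client
                .describeSecurityGroups(describeSecurityGroupsRequest);

        List<SecurityGroup> securityGroups = describeSecurityGroupsResult.getSecurityGroups();

        if (securityGroups != null && !securityGroups.isEmpty()) {
            securityGroup = securityGroups.get(0);
        } else {
            log.warn("No Security Groups found for group id " + groupId);
        }

    } catch (AmazonClientException e) {
        // Deliberately best effort: without the current rules the method
        // still goes on to request the rule below.
        log.error("Could not describe security groups.", e);
    }

    boolean ruleAlreadyPresent = false;

    if (securityGroup != null) {
        List<IpPermission> existingPermissions = securityGroup.getIpPermissions();

        if (existingPermissions != null) {
            Integer wantedPort = Integer.valueOf(port);

            // Match on protocol, port range and membership of the CIDR in the
            // permission's ranges. Whole-object equality misses a permission
            // that carries further ranges or group pairs for the same port,
            // and the authorize call would then be sent for a rule that
            // already exists.
            for (IpPermission existing : existingPermissions) {
                // Case-insensitive so that "TCP" and "tcp" name the same rule.
                boolean sameProtocol = protocol != null
                        && protocol.equalsIgnoreCase(existing.getIpProtocol());
                boolean samePorts = wantedPort.equals(existing.getFromPort())
                        && wantedPort.equals(existing.getToPort());
                List<String> existingRanges = existing.getIpRanges();
                boolean sameSource = existingRanges != null
                        && existingRanges.contains(this.allowedCidrIpForLBSecurityGroup);

                if (sameProtocol && samePorts && sameSource) {
                    ruleAlreadyPresent = true;
                    break;
                }
            }
        }
    }

    if (ruleAlreadyPresent) {
        log.info("Rules already present for security group " + groupId);
        return;
    }

    AuthorizeSecurityGroupIngressRequest authorizeSecurityGroupIngressRequest = new AuthorizeSecurityGroupIngressRequest();
    authorizeSecurityGroupIngressRequest.setGroupId(groupId);
    authorizeSecurityGroupIngressRequest.setCidrIp(this.allowedCidrIpForLBSecurityGroup);
    authorizeSecurityGroupIngressRequest.setFromPort(port);
    authorizeSecurityGroupIngressRequest.setToPort(port);
    authorizeSecurityGroupIngressRequest.setIpProtocol(protocol);

    try {
        ec2Client.setEndpoint(String.format(Constants.EC2_ENDPOINT_URL_FORMAT, region));

        ec2Client.authorizeSecurityGroupIngress(authorizeSecurityGroupIngressRequest);

    } catch (AmazonClientException e) {
        throw new LoadBalancerExtensionException(
                "Could not add inbound rule to security group " + groupId + ".", e);
    }
}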

From source file:org.openinfinity.cloud.service.administrator.EC2Wrapper.java

License:Apache License

/**
 * Requests an inbound rule on the named security group that admits traffic
 * from {@code cidrIp} for the given protocol and port range.
 *
 * <p>When {@code cloudType} is {@code InstanceService.CLOUD_TYPE_EUCALYPTUS}
 * the range, ports and protocol are set directly on the request; otherwise
 * they are wrapped in a single {@code IpPermission}.
 *
 * <p>{@code cidrIp}, the ports and the protocol are passed to the service as
 * given; nothing in this method validates them, so the breadth of the rule
 * (for example 0.0.0.0/0) is entirely the caller's decision.
 *
 * <p>Any exception is logged by message only and then handed, with the
 * exception itself, to {@code ExceptionUtil.throwSystemException}.
 *
 * @param securityGroupName name of the security group that receives the rule
 * @param cidrIp            source IPv4 range in CIDR format
 * @param fromPort          start of the port range
 * @param toPort            end of the port range
 * @param protocol          IP protocol of the rule
 */
public void authorizeIPs(String securityGroupName, String cidrIp, Integer fromPort, Integer toPort,
        String protocol) {
    try {
        AuthorizeSecurityGroupIngressRequest ingressRequest = new AuthorizeSecurityGroupIngressRequest();
        ingressRequest.setGroupName(securityGroupName);

        if (this.cloudType != InstanceService.CLOUD_TYPE_EUCALYPTUS) {
            // Default path: describe the rule as one IpPermission entry.
            List<String> sourceRanges = new ArrayList<String>();
            sourceRanges.add(cidrIp);

            IpPermission permission = new IpPermission();
            permission.setIpProtocol(protocol);
            permission.setFromPort(fromPort);
            permission.setToPort(toPort);
            permission.setIpRanges(sourceRanges);

            List<IpPermission> permissions = new ArrayList<IpPermission>();
            permissions.add(permission);
            ingressRequest.setIpPermissions(permissions);
        } else {
            // Eucalyptus path: the same values go on the request's own fields.
            ingressRequest.setIpProtocol(protocol);
            ingressRequest.setCidrIp(cidrIp);
            ingressRequest.setFromPort(fromPort);
            ingressRequest.setToPort(toPort);
        }

        ec2.authorizeSecurityGroupIngress(ingressRequest);
    } catch (Exception e) {
        String message = e.getMessage();
        LOG.error("Could not set authorized IP:s to security group: " + message);
        ExceptionUtil.throwSystemException(message, e);
    }
}