List of usage examples for com.amazonaws.services.ec2.model AuthorizeSecurityGroupIngressRequest setFromPort
public void setFromPort(Integer fromPort)
The start of port range for the TCP and UDP protocols, or an ICMP type number.
From source file:com.hpcloud.daas.ec2.AwsConsoleApp.java
License:Open Source License
/**
 * Adds one TCP ingress rule per entry in {@code ports} to the named security group.
 *
 * <p>Every port is sent as its own {@code authorizeSecurityGroupIngress} call with
 * {@code fromPort == toPort}. An {@link AmazonServiceException} raised for one port is
 * printed to standard output and the loop moves on to the next port, so a partial result
 * is possible; any other exception propagates to the caller.
 *
 * <p>NOTE(review): the request names no CIDR range and no source group. Whether the service
 * rejects such a call or applies a default source cannot be told from this code; confirm,
 * and set the intended source explicitly so the rule is no broader than meant.
 *
 * @param ports ports to open, one rule per entry
 * @param securityGroupName name of the security group that receives the rules
 * @throws Exception anything other than {@link AmazonServiceException} raised while adding a rule
 */
public static void AddSecurityPorts(List<Integer> ports, String securityGroupName) throws Exception {
    for (Integer port : ports) {
        try {
            ec2.authorizeSecurityGroupIngress(singlePortTcpRule(port, securityGroupName));
            System.out.println("Added Access to port " + port.toString());
        } catch (AmazonServiceException serviceError) {
            // Best effort: report the failure for this port and continue with the rest.
            System.out.println("Error : Adding access to port " + port.toString());
            System.out.println("Caught Exception: " + serviceError.getMessage());
            System.out.println("Reponse Status Code: " + serviceError.getStatusCode());
            System.out.println("Error Code: " + serviceError.getErrorCode());
            System.out.println("Request ID: " + serviceError.getRequestId());
        }
    }
}

/** Builds the ingress request for a single TCP port on the given group. */
private static AuthorizeSecurityGroupIngressRequest singlePortTcpRule(Integer port, String groupName) {
    AuthorizeSecurityGroupIngressRequest rule = new AuthorizeSecurityGroupIngressRequest();
    rule.setGroupName(groupName);
    rule.setIpProtocol("tcp");
    rule.setFromPort(port);
    rule.setToPort(port);
    return rule;
}
From source file:org.apache.stratos.aws.extension.AWSHelper.java
License:Apache License
/**
 * Makes sure the security group has an inbound rule for the given protocol and port,
 * adding one when the lookup does not show it.
 *
 * <p>The source range of the rule is always {@code allowedCidrIpForLBSecurityGroup}; the
 * caller supplies only the protocol and a single port ({@code fromPort == toPort}).
 *
 * <p>If the group cannot be described (no result, or an {@link AmazonClientException}),
 * the problem is logged and the authorize call is still attempted.
 *
 * @param groupId id of the security group that receives the rule; must be non-empty
 * @param region region used to build the EC2 endpoint URL
 * @param protocol protocol the rule allows
 * @param port port the rule allows
 * @throws LoadBalancerExtensionException if {@code groupId} is null or empty, or if the
 *         authorize call fails with an {@link AmazonClientException}
 */
public void addInboundRuleToSecurityGroup(String groupId, String region, String protocol, int port)
        throws LoadBalancerExtensionException {
    if (groupId == null || groupId.isEmpty()) {
        throw new LoadBalancerExtensionException(
                "Invalid security group Id for addInboundRuleToSecurityGroup.");
    }

    DescribeSecurityGroupsRequest lookup = new DescribeSecurityGroupsRequest();
    List<String> wantedIds = new ArrayList<String>();
    wantedIds.add(groupId);
    lookup.setGroupIds(wantedIds);

    SecurityGroup group = null;
    try {
        // NOTE(review): this re-points ec2Client on every call; if the client is shared
        // between threads or regions the endpoint can change under another caller - confirm.
        ec2Client.setEndpoint(String.format(Constants.EC2_ENDPOINT_URL_FORMAT, region));
        List<SecurityGroup> found = ec2Client.describeSecurityGroups(lookup).getSecurityGroups();
        if (found == null || found.isEmpty()) {
            log.warn("No Security Groups found for group id " + groupId);
        } else {
            group = found.get(0);
        }
    } catch (AmazonClientException e) {
        // Lookup failure is not fatal here: the rule is treated as absent below.
        log.error("Could not describe security groups.", e);
    }

    boolean ruleAlreadyPresent = false;
    if (group != null) {
        List<IpPermission> current = group.getIpPermissions();

        IpPermission wanted = new IpPermission();
        wanted.setFromPort(port);
        wanted.setToPort(port);
        wanted.setIpProtocol(protocol);
        // NOTE(review): the value of allowedCidrIpForLBSecurityGroup is not visible here;
        // confirm it is no wider than the load balancer's clients require.
        Collection<String> cidrs = new HashSet<String>();
        cidrs.add(this.allowedCidrIpForLBSecurityGroup);
        wanted.setIpRanges(cidrs);

        // NOTE(review): this depends on IpPermission equality; a stored rule that also
        // carries other ranges or group pairs presumably will not compare equal - verify.
        ruleAlreadyPresent = current.contains(wanted);
    }

    if (ruleAlreadyPresent) {
        log.info("Rules already present for security group " + groupId);
        return;
    }

    AuthorizeSecurityGroupIngressRequest grant = new AuthorizeSecurityGroupIngressRequest();
    grant.setGroupId(groupId);
    grant.setCidrIp(this.allowedCidrIpForLBSecurityGroup);
    grant.setFromPort(port);
    grant.setToPort(port);
    grant.setIpProtocol(protocol);
    try {
        ec2Client.setEndpoint(String.format(Constants.EC2_ENDPOINT_URL_FORMAT, region));
        ec2Client.authorizeSecurityGroupIngress(grant);
    } catch (AmazonClientException e) {
        throw new LoadBalancerExtensionException(
                "Could not add inbound rule to security group " + groupId + ".", e);
    }
}
From source file:org.openinfinity.cloud.service.administrator.EC2Wrapper.java
License:Apache License
/**
 * Authorizes inbound traffic from {@code cidrIp} on the given port range and protocol
 * for the named security group.
 *
 * <p>When {@code cloudType} is {@code InstanceService.CLOUD_TYPE_EUCALYPTUS} the rule is
 * sent through the request's flat fields; otherwise it is wrapped in a single
 * {@code IpPermission}. Any exception is logged (message only) and handed to
 * {@code ExceptionUtil.throwSystemException}.
 *
 * <p>NOTE(review): {@code cidrIp} and the port range are forwarded exactly as given;
 * nothing in this method rejects an overly broad range. Confirm that callers validate them.
 *
 * @param securityGroupName name of the security group that receives the rule
 * @param cidrIp source range to allow
 * @param fromPort first port of the allowed range
 * @param toPort last port of the allowed range
 * @param protocol protocol the rule allows
 */
public void authorizeIPs(String securityGroupName, String cidrIp, Integer fromPort, Integer toPort,
        String protocol) {
    try {
        AuthorizeSecurityGroupIngressRequest ingress = new AuthorizeSecurityGroupIngressRequest();
        ingress.setGroupName(securityGroupName);

        // NOTE(review): if cloudType is a boxed type this is a reference comparison - confirm.
        if (this.cloudType != InstanceService.CLOUD_TYPE_EUCALYPTUS) {
            List<String> sources = new ArrayList<String>();
            sources.add(cidrIp);

            IpPermission rule = new IpPermission();
            rule.setIpProtocol(protocol);
            rule.setFromPort(fromPort);
            rule.setToPort(toPort);
            rule.setIpRanges(sources);

            List<IpPermission> rules = new ArrayList<IpPermission>();
            rules.add(rule);
            ingress.setIpPermissions(rules);
        } else {
            ingress.setIpProtocol(protocol);
            ingress.setFromPort(fromPort);
            ingress.setToPort(toPort);
            ingress.setCidrIp(cidrIp);
        }

        ec2.authorizeSecurityGroupIngress(ingress);
    } catch (Exception e) {
        String message = e.getMessage();
        // Only the message reaches the log; the exception itself goes to ExceptionUtil.
        LOG.error("Could not set authorized IP:s to security group: " + message);
        ExceptionUtil.throwSystemException(message, e);
    }
}