List of usage examples for com.amazonaws.services.ec2.model AuthorizeSecurityGroupIngressRequest setIpProtocol
public void setIpProtocol(String ipProtocol)
From source file:com.hpcloud.daas.ec2.AwsConsoleApp.java
License:Open Source License
public static void AddSecurityPorts(List<Integer> ports, String securityGroupName) throws Exception { for (Integer port : ports) { try {//from w w w .j a v a 2s . c om AuthorizeSecurityGroupIngressRequest securityPortsRequest = new AuthorizeSecurityGroupIngressRequest(); securityPortsRequest.setFromPort(port); securityPortsRequest.setIpProtocol("tcp"); securityPortsRequest.setToPort(port); securityPortsRequest.setGroupName(securityGroupName); ec2.authorizeSecurityGroupIngress(securityPortsRequest); System.out.println("Added Access to port " + port.toString()); } catch (AmazonServiceException ase) { System.out.println("Error : Adding access to port " + port.toString()); System.out.println("Caught Exception: " + ase.getMessage()); System.out.println("Reponse Status Code: " + ase.getStatusCode()); System.out.println("Error Code: " + ase.getErrorCode()); System.out.println("Request ID: " + ase.getRequestId()); } } }
From source file:org.apache.stratos.aws.extension.AWSHelper.java
License:Apache License
/** * Adds inbound rule to the security group which allows users to access load * balancer at specified port and using the specified protocol. Port * specified should be a proxy port mentioned in the port mappings of the * cartridge.//from ww w. java 2s.c o m * * @param groupId to which this rule to be added * @param region of the security group * @param protocol with which load balancer can be accessed * @param port at which load balancer can be accessed * @throws LoadBalancerExtensionException */ public void addInboundRuleToSecurityGroup(String groupId, String region, String protocol, int port) throws LoadBalancerExtensionException { if (groupId == null || groupId.isEmpty()) { throw new LoadBalancerExtensionException( "Invalid security group Id for addInboundRuleToSecurityGroup."); } boolean ruleAlreadyPresent = false; DescribeSecurityGroupsRequest describeSecurityGroupsRequest = new DescribeSecurityGroupsRequest(); List<String> groupIds = new ArrayList<String>(); groupIds.add(groupId); describeSecurityGroupsRequest.setGroupIds(groupIds); SecurityGroup secirutyGroup = null; try { ec2Client.setEndpoint(String.format(Constants.EC2_ENDPOINT_URL_FORMAT, region)); DescribeSecurityGroupsResult describeSecurityGroupsResult = ec2Client .describeSecurityGroups(describeSecurityGroupsRequest); List<SecurityGroup> securityGroups = describeSecurityGroupsResult.getSecurityGroups(); if (securityGroups != null && securityGroups.size() > 0) { secirutyGroup = securityGroups.get(0); } else { log.warn("No Security Groups found for group id " + groupId); } } catch (AmazonClientException e) { log.error("Could not describe security groups.", e); } if (secirutyGroup != null) { List<IpPermission> existingPermissions = secirutyGroup.getIpPermissions(); IpPermission neededPermission = new IpPermission(); neededPermission.setFromPort(port); neededPermission.setToPort(port); neededPermission.setIpProtocol(protocol); Collection<String> ipRanges = new HashSet<String>(); ipRanges.add(this.allowedCidrIpForLBSecurityGroup); neededPermission.setIpRanges(ipRanges); if (existingPermissions.contains(neededPermission)) { ruleAlreadyPresent = true; } } if (!ruleAlreadyPresent) { AuthorizeSecurityGroupIngressRequest authorizeSecurityGroupIngressRequest = new AuthorizeSecurityGroupIngressRequest(); authorizeSecurityGroupIngressRequest.setGroupId(groupId); authorizeSecurityGroupIngressRequest.setCidrIp(this.allowedCidrIpForLBSecurityGroup); authorizeSecurityGroupIngressRequest.setFromPort(port); authorizeSecurityGroupIngressRequest.setToPort(port); authorizeSecurityGroupIngressRequest.setIpProtocol(protocol); try { ec2Client.setEndpoint(String.format(Constants.EC2_ENDPOINT_URL_FORMAT, region)); ec2Client.authorizeSecurityGroupIngress(authorizeSecurityGroupIngressRequest); } catch (AmazonClientException e) { throw new LoadBalancerExtensionException( "Could not add inbound rule to security group " + groupId + ".", e); } } else { log.info("Rules already present for security group " + groupId); } }
From source file:org.openinfinity.cloud.service.administrator.EC2Wrapper.java
License:Apache License
public void authorizeIPs(String securityGroupName, String cidrIp, Integer fromPort, Integer toPort, String protocol) {/*ww w .ja v a 2 s . c om*/ try { AuthorizeSecurityGroupIngressRequest request = new AuthorizeSecurityGroupIngressRequest(); if (this.cloudType == InstanceService.CLOUD_TYPE_EUCALYPTUS) { request.setFromPort(fromPort); request.setToPort(toPort); request.setCidrIp(cidrIp); request.setIpProtocol(protocol); } else { IpPermission perm = new IpPermission(); perm.setFromPort(fromPort); perm.setToPort(toPort); perm.setIpProtocol(protocol); List<String> ipRanges = new ArrayList<String>(); ipRanges.add(cidrIp); perm.setIpRanges(ipRanges); List<IpPermission> permList = new ArrayList<IpPermission>(); permList.add(perm); request.setIpPermissions(permList); } request.setGroupName(securityGroupName); ec2.authorizeSecurityGroupIngress(request); } catch (Exception e) { String message = e.getMessage(); LOG.error("Could not set authorized IP:s to security group: " + message); ExceptionUtil.throwSystemException(message, e); } }