List of usage examples for com.amazonaws.services.ec2.model InstanceNetworkInterface getNetworkInterfaceId
public String getNetworkInterfaceId()
The ID of the network interface.
From source file:dsmwatcher.DSMWatcher.java
License:Open Source License
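/**
 * Reverses the isolation previously applied to an instance.
 *
 * <p>For every network interface attached to {@code instance} the interface is
 * re-described and its tags are inspected:
 * <ul>
 *   <li>{@code PreIsolationSG}: its comma-separated value is re-applied as the
 *       interface's security groups, then this tag and {@code InIsolation} are deleted;</li>
 *   <li>{@code IRENI}: the interface is detached and deleted.</li>
 * </ul>
 *
 * <p>Security note: the restore is driven entirely by tags. Whatever is stored in
 * {@code PreIsolationSG} is applied verbatim, and any interface tagged {@code IRENI}
 * is deleted, so a principal able to write tags on these interfaces decides what is
 * restored or removed. NOTE(review): confirm that tag writes for these keys are limited
 * to the responder role (for example an IAM condition on {@code aws:TagKeys}), and
 * consider logging the group list that is restored so the change can be audited.
 *
 * @param instance the instance to release from isolation
 * @param ec2      client used for all EC2 calls
 * @throws IllegalStateException if a {@code PreIsolationSG} tag holds no security group IDs
 * @throws Exception             on any EC2 API failure or if the wait is interrupted
 */
public void removeIsolation(Instance instance, AmazonEC2Client ec2) throws Exception {
    for (InstanceNetworkInterface ieni : instance.getNetworkInterfaces()) {
        DescribeNetworkInterfacesRequest netReq = new DescribeNetworkInterfacesRequest()
                .withNetworkInterfaceIds(ieni.getNetworkInterfaceId());
        List<com.amazonaws.services.ec2.model.NetworkInterface> enis =
                ec2.describeNetworkInterfaces(netReq).getNetworkInterfaces();

        for (com.amazonaws.services.ec2.model.NetworkInterface eni : enis) {
            List<Tag> tagSetRemove = new LinkedList<Tag>();
            boolean isolatedENI = false;
            boolean IRENI = false;
            String origSecGroups = null;

            for (Tag tag : eni.getTagSet()) {
                String key = tag.getKey();
                if ("PreIsolationSG".equals(key)) {
                    origSecGroups = tag.getValue();
                    tagSetRemove.add(tag);
                    isolatedENI = true;
                } else if ("InIsolation".equals(key)) {
                    tagSetRemove.add(tag);
                } else if ("IRENI".equals(key)) {
                    IRENI = true;
                }
            }

            if (isolatedENI) {
                // Parse the saved group list defensively: a missing or empty tag value
                // previously caused a NullPointerException or a request with a blank group ID.
                List<String> origSecGroupsList = new ArrayList<String>();
                if (origSecGroups != null) {
                    for (String s : origSecGroups.split(",")) {
                        String groupId = s.trim();
                        if (!groupId.isEmpty()) {
                            origSecGroupsList.add(groupId);
                        }
                    }
                }
                if (origSecGroupsList.isEmpty()) {
                    // Leave the deny-all group and the tags in place so the interface stays
                    // contained and an operator can inspect it.
                    throw new IllegalStateException("PreIsolationSG tag on " + eni.getNetworkInterfaceId()
                            + " holds no security group IDs; interface left unchanged");
                }

                ModifyNetworkInterfaceAttributeRequest netReqest = new ModifyNetworkInterfaceAttributeRequest()
                        .withNetworkInterfaceId(eni.getNetworkInterfaceId())
                        .withGroups(origSecGroupsList);
                ec2.modifyNetworkInterfaceAttribute(netReqest);

                // Tags are removed only after the groups were restored successfully.
                DeleteTagsRequest dtr = new DeleteTagsRequest()
                        .withResources(eni.getNetworkInterfaceId())
                        .withTags(tagSetRemove);
                ec2.deleteTags(dtr);
            }

            if (IRENI) {
                // An interface that is already detached has no attachment to release.
                if (eni.getAttachment() != null) {
                    DetachNetworkInterfaceRequest detachNetworkInterfaceRequest = new DetachNetworkInterfaceRequest()
                            .withAttachmentId(eni.getAttachment().getAttachmentId());
                    ec2.detachNetworkInterface(detachNetworkInterfaceRequest);
                    TimeUnit.SECONDS.sleep(30);

                    // 'eni' is a snapshot taken before the detach, so its status never changes;
                    // fetch the current state before deciding whether to wait longer.
                    DescribeNetworkInterfacesRequest refreshReq = new DescribeNetworkInterfacesRequest()
                            .withNetworkInterfaceIds(eni.getNetworkInterfaceId());
                    List<com.amazonaws.services.ec2.model.NetworkInterface> refreshed =
                            ec2.describeNetworkInterfaces(refreshReq).getNetworkInterfaces();
                    boolean detached = !refreshed.isEmpty()
                            && "available".equals(refreshed.get(0).getStatus());
                    if (!detached) {
                        // detach is taking a while, wait another 30 seconds
                        TimeUnit.SECONDS.sleep(30);
                    }
                }

                DeleteNetworkInterfaceRequest deleteNetworkInterfaceRequest = new DeleteNetworkInterfaceRequest()
                        .withNetworkInterfaceId(eni.getNetworkInterfaceId());
                ec2.deleteNetworkInterface(deleteNetworkInterfaceRequest);
            }
        }
    }
    log("Instance " + instance.getInstanceId() + " with IP address of " + instance.getPrivateIpAddress()
            + " has been removed from isolation");
}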
From source file:dsmwatcher.DSMWatcher.java
License:Open Source License
/**
 * Reports whether an instance currently looks isolated.
 *
 * <p>Two independent conditions are collected across all attached interfaces:
 * at least one interface sits in a subnet listed in {@code IRSubnets}, and at least
 * one interface that carries the {@code denyAllSG} group is tagged {@code InIsolation}.
 * The result is true only when both hold.
 *
 * <p>NOTE(review): the check is satisfied by any single matching interface. It does not
 * verify that every non-IR interface carries the deny-all group, so an interface
 * attached after isolation would not change the answer. It also relies on tags, which
 * are only as trustworthy as the permissions on tag writes.
 *
 * @param instance the instance to inspect
 * @param ec2      client used to describe interfaces
 * @return true when both conditions above are met
 * @throws Exception on any EC2 API failure
 */
public Boolean checkIfIsolated(Instance instance, AmazonEC2Client ec2) throws Exception {
    boolean subnetMatch = false;
    boolean denyTagged = false;

    for (InstanceNetworkInterface attached : instance.getNetworkInterfaces()) {
        // Condition 1: the interface lives in one of the incident-response subnets.
        for (String candidate : IRSubnets) {
            if (candidate.compareTo(attached.getSubnetId()) == 0) {
                subnetMatch = true;
            }
        }

        // Condition 2: the interface has the deny-all group and the isolation tag.
        for (GroupIdentifier group : attached.getGroups()) {
            if (!group.getGroupId().equals(denyAllSG)) {
                continue;
            }
            DescribeNetworkInterfacesRequest lookup = new DescribeNetworkInterfacesRequest()
                    .withNetworkInterfaceIds(attached.getNetworkInterfaceId());
            List<com.amazonaws.services.ec2.model.NetworkInterface> details =
                    ec2.describeNetworkInterfaces(lookup).getNetworkInterfaces();
            for (com.amazonaws.services.ec2.model.NetworkInterface detail : details) {
                for (Tag label : detail.getTagSet()) {
                    if (label.getKey().equals("InIsolation")) {
                        denyTagged = true;
                    }
                }
            }
        }
    }
    return subnetMatch && denyTagged;
}
From source file:dsmwatcher.DSMWatcher.java
License:Open Source License
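/**
 * Isolates an instance for incident response.
 *
 * <p>Steps, in order:
 * <ol>
 *   <li>{@code handleAutoScaledInstance} is called first (the original comment says this
 *       detaches an autoscaled instance to avoid health-check failure and termination);</li>
 *   <li>an isolation subnet from {@code IRSubnets} in the instance's availability zone is
 *       selected; if none matches, an error is reported and nothing is changed;</li>
 *   <li>for each attached interface the current security group IDs are saved in a
 *       {@code PreIsolationSG} tag together with {@code InIsolation=True}, and only then
 *       are the groups replaced by {@code denyAllSG};</li>
 *   <li>a new interface is created in the isolation subnet with {@code IRSecGrp}, attached
 *       to the instance, set to delete on termination and tagged {@code IRENI=True}.</li>
 * </ol>
 *
 * <p>NOTE(review): calling this on an instance that is already isolated would save the
 * deny-all group as the "pre-isolation" state, because the saved value is read from the
 * interface's current groups. Callers should gate on {@code checkIfIsolated}.
 *
 * <p>NOTE(review): replacing security groups may not interrupt connections that are
 * already established and tracked; confirm whether additional containment is required
 * for live sessions.
 *
 * <p>NOTE(review): tag values have a length limit, so an interface with many security
 * groups may not fit in one tag. The tag is written before the groups are changed, so a
 * failure there leaves the interface unmodified.
 *
 * @param instance the instance to isolate
 * @param ec2      client used for all EC2 calls
 * @throws Exception on any EC2 API failure
 */
public void isolateInstance(Instance instance, AmazonEC2Client ec2) throws Exception {
    // check for autoscaling, if autoscaled instance detach first
    // to prevent healthcheck failure and termination
    handleAutoScaledInstance(instance);

    DescribeSubnetsRequest subnetRequest = new DescribeSubnetsRequest().withSubnetIds(instance.getSubnetId());
    List<Subnet> sourceSubnet = ec2.describeSubnets(subnetRequest).getSubnets();
    if (sourceSubnet.isEmpty()) {
        error("Unable to look up the subnet of instance " + instance.getInstanceId());
        return;
    }
    String targetAZStr = sourceSubnet.get(0).getAvailabilityZone();

    Subnet targetIRSubnet = null;
    for (String IRSubnet : IRSubnets) {
        // One lookup per candidate; the result is reused instead of describing the subnet twice.
        List<Subnet> candidates = ec2.describeSubnets(new DescribeSubnetsRequest().withSubnetIds(IRSubnet))
                .getSubnets();
        if (!candidates.isEmpty() && targetAZStr.equals(candidates.get(0).getAvailabilityZone())) {
            targetIRSubnet = candidates.get(0);
        }
    }
    if (targetIRSubnet == null) {
        error("Unable to find an isolation subnet for instance " + instance.getInstanceId());
        return;
    }

    for (InstanceNetworkInterface ieni : instance.getNetworkInterfaces()) {
        // Comma-separated list of the groups to restore later. Built with a separator check
        // so an interface reporting no groups no longer triggers a substring(0, -1) failure.
        StringBuilder savedGroups = new StringBuilder();
        for (GroupIdentifier secGroup : ieni.getGroups()) {
            if (savedGroups.length() > 0) {
                savedGroups.append(',');
            }
            savedGroups.append(secGroup.getGroupId());
        }
        String eniTag = savedGroups.toString();

        DescribeNetworkInterfacesRequest netReq = new DescribeNetworkInterfacesRequest()
                .withNetworkInterfaceIds(ieni.getNetworkInterfaceId());
        List<com.amazonaws.services.ec2.model.NetworkInterface> enis =
                ec2.describeNetworkInterfaces(netReq).getNetworkInterfaces();
        for (com.amazonaws.services.ec2.model.NetworkInterface eni : enis) {
            Tag saveSGTag = new Tag().withKey("PreIsolationSG").withValue(eniTag);
            Tag isolationTag = new Tag().withKey("InIsolation").withValue("True");

            // Send only the two new tags. Re-submitting the interface's existing tag set is
            // unnecessary and can be rejected when it contains reserved "aws:" keys.
            CreateTagsRequest ctr = new CreateTagsRequest()
                    .withResources(eni.getNetworkInterfaceId())
                    .withTags(saveSGTag, isolationTag);
            ec2.createTags(ctr);

            // State is recorded above before the groups are replaced.
            ModifyNetworkInterfaceAttributeRequest netReqest = new ModifyNetworkInterfaceAttributeRequest()
                    .withNetworkInterfaceId(eni.getNetworkInterfaceId())
                    .withGroups(denyAllSG);
            ec2.modifyNetworkInterfaceAttribute(netReqest);
        }
    }

    // Dedicated incident-response interface in the isolation subnet.
    CreateNetworkInterfaceRequest newENIReq = new CreateNetworkInterfaceRequest()
            .withSubnetId(targetIRSubnet.getSubnetId())
            .withGroups(IRSecGrp);
    CreateNetworkInterfaceResult newENIResult = ec2.createNetworkInterface(newENIReq);
    String newENIId = newENIResult.getNetworkInterface().getNetworkInterfaceId();

    AttachNetworkInterfaceRequest attachReq = new AttachNetworkInterfaceRequest()
            .withNetworkInterfaceId(newENIId)
            .withInstanceId(instance.getInstanceId())
            .withDeviceIndex(instance.getNetworkInterfaces().size() + 1);
    AttachNetworkInterfaceResult attachResults = ec2.attachNetworkInterface(attachReq);

    // Ensure the IR interface does not outlive the instance.
    NetworkInterfaceAttachmentChanges attachTerm = new NetworkInterfaceAttachmentChanges()
            .withAttachmentId(attachResults.getAttachmentId())
            .withDeleteOnTermination(true);
    ModifyNetworkInterfaceAttributeRequest setDeleteOnTerm = new ModifyNetworkInterfaceAttributeRequest()
            .withAttachment(attachTerm)
            .withNetworkInterfaceId(newENIId);
    ec2.modifyNetworkInterfaceAttribute(setDeleteOnTerm);

    // Marker that removeIsolation uses to find and delete this interface.
    CreateTagsRequest tagNewENIReq = new CreateTagsRequest()
            .withResources(newENIId)
            .withTags(new Tag().withKey("IRENI").withValue("True"));
    ec2.createTags(tagNewENIReq);
}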
From source file:org.occiware.clouddriver.util.InstanceDataFactory.java
License:Apache License
/**
 * Copies every network interface of an instance into a {@code NetworkInterfaceDO}.
 *
 * <p>Scalar attributes are always copied. The public association, the attachment,
 * the security groups, the IPv6 addresses and the private IP addresses are copied
 * only when the SDK object provides them (non-null, and non-empty for lists).
 *
 * @param instance the instance whose interfaces are converted
 * @return one data object per interface, in the order reported by the instance
 */
private static List<NetworkInterfaceDO> buildNetworkInterfacesDatas(Instance instance) {
    final List<NetworkInterfaceDO> result = new ArrayList<>();

    for (InstanceNetworkInterface source : instance.getNetworkInterfaces()) {
        final NetworkInterfaceDO target = new NetworkInterfaceDO();

        // Plain attributes.
        target.setDescription(source.getDescription());
        target.setMacAddress(source.getMacAddress());
        target.setNetworkInterfaceId(source.getNetworkInterfaceId());
        target.setOwnerId(source.getOwnerId());
        target.setPrivateDnsName(source.getPrivateDnsName());
        target.setPrivateIpAddress(source.getPrivateIpAddress());
        target.setSourceDestCheck(source.getSourceDestCheck());
        target.setStatus(source.getStatus());
        target.setSubnetId(source.getSubnetId());
        target.setVpcId(source.getVpcId());

        // Public address association of the interface itself.
        final InstanceNetworkInterfaceAssociation ifaceAssociation = source.getAssociation();
        if (ifaceAssociation != null) {
            final NetAssociationDO ifaceAssociationDO = new NetAssociationDO();
            ifaceAssociationDO.setIpOwnerId(ifaceAssociation.getIpOwnerId());
            ifaceAssociationDO.setPublicDnsName(ifaceAssociation.getPublicDnsName());
            ifaceAssociationDO.setPublicIp(ifaceAssociation.getPublicIp());
            target.setNetAssociation(ifaceAssociationDO);
        }

        // Attachment details.
        final InstanceNetworkInterfaceAttachment attachment = source.getAttachment();
        if (attachment != null) {
            target.setAttachmentId(attachment.getAttachmentId());
            target.setAttachTime(attachment.getAttachTime());
            target.setDeleteOnTermination(attachment.getDeleteOnTermination());
            target.setDeviceIndex(attachment.getDeviceIndex());
            target.setAttachmentStatus(attachment.getStatus());
        }

        // Security groups.
        final List<GroupIdentifier> groups = source.getGroups();
        if (groups != null && !groups.isEmpty()) {
            target.setSecurityGroups(buildSecurityGroupsDatas(groups));
        }

        // IPv6 addresses, flattened to strings.
        final List<InstanceIpv6Address> v6Addresses = source.getIpv6Addresses();
        if (v6Addresses != null && !v6Addresses.isEmpty()) {
            final List<String> v6Strings = new ArrayList<>();
            for (InstanceIpv6Address v6 : v6Addresses) {
                v6Strings.add(v6.getIpv6Address());
            }
            target.setIpv6Addresses(v6Strings);
        }

        // Private IPv4 addresses, each with its optional public association.
        final List<InstancePrivateIpAddress> privateAddresses = source.getPrivateIpAddresses();
        if (privateAddresses != null && !privateAddresses.isEmpty()) {
            final List<IpAddressDO> addressDOs = new ArrayList<>();
            for (InstancePrivateIpAddress privateAddress : privateAddresses) {
                final IpAddressDO addressDO = new IpAddressDO();
                addressDO.setPrimary(privateAddress.isPrimary());
                addressDO.setPrivateDnsName(privateAddress.getPrivateDnsName());
                addressDO.setPrivateIpAddress(privateAddress.getPrivateIpAddress());

                final InstanceNetworkInterfaceAssociation addressAssociation = privateAddress.getAssociation();
                if (addressAssociation != null) {
                    final NetAssociationDO addressAssociationDO = new NetAssociationDO();
                    addressAssociationDO.setIpOwnerId(addressAssociation.getIpOwnerId());
                    addressAssociationDO.setPublicDnsName(addressAssociation.getPublicDnsName());
                    addressAssociationDO.setPublicIp(addressAssociation.getPublicIp());
                    addressDO.setNetAssociation(addressAssociationDO);
                }
                addressDOs.add(addressDO);
            }
            target.setIpAddresses(addressDOs);
        }

        result.add(target);
    }
    return result;
}