List of usage examples for com.amazonaws.services.ec2.model IpPermission setIpProtocol
public void setIpProtocol(String ipProtocol)
From source file:Security.java
License:Open Source License
String createSG(AmazonEC2 ec2) throws IOException { try {//from w w w . j ava 2 s . c o m securitygroup = "VirualIT_Security_Group" + Virtualize.no_of_days; CreateSecurityGroupRequest reqsec = new CreateSecurityGroupRequest().withGroupName(securitygroup) .withDescription("ssh-tcp-https-http"); CreateSecurityGroupResult ressec = ec2.createSecurityGroup(reqsec); String ipAddr = "0.0.0.0/0"; ArrayList<String> ipRanges = new ArrayList<String>(); ipRanges.add(ipAddr); ArrayList<IpPermission> ipPermissions = new ArrayList<IpPermission>(); IpPermission ipPermission_ssh = new IpPermission(); ipPermission_ssh.setIpProtocol("tcp"); ipPermission_ssh.setFromPort(new Integer(22)); ipPermission_ssh.setToPort(new Integer(22)); IpPermission ipPermission_http = new IpPermission(); ipPermission_http.setIpProtocol("tcp"); ipPermission_http.setFromPort(new Integer(80)); ipPermission_http.setToPort(new Integer(80)); IpPermission ipPermission_https = new IpPermission(); ipPermission_https.setIpProtocol("tcp"); ipPermission_https.setFromPort(new Integer(443)); ipPermission_https.setToPort(new Integer(443)); ipPermission_ssh.setIpRanges(ipRanges); ipPermission_http.setIpRanges(ipRanges); ipPermission_https.setIpRanges(ipRanges); ipPermissions.add(ipPermission_http); ipPermissions.add(ipPermission_https); ipPermissions.add(ipPermission_ssh); try { // Authorize the ports to the used. AuthorizeSecurityGroupIngressRequest ingressRequest = new AuthorizeSecurityGroupIngressRequest( securitygroup, ipPermissions); ec2.authorizeSecurityGroupIngress(ingressRequest); System.out.println("Assigned " + ingressRequest); } catch (AmazonServiceException ase) { // Ignore because this likely means the zone has already been authorized. System.err.println(ase.getMessage()); } DescribeSecurityGroupsRequest x = new DescribeSecurityGroupsRequest().withGroupNames(securitygroup); DescribeSecurityGroupsResult secgrp = ec2.describeSecurityGroups(x); for (SecurityGroup s : secgrp.getSecurityGroups()) { if (s.getGroupName().equals(securitygroup)) { System.out.println(s.getIpPermissions()); } } } catch (AmazonServiceException ase) { System.out.println("Caught Exception: " + ase.getMessage()); System.out.println("Reponse Status Code: " + ase.getStatusCode()); System.out.println("Error Code: " + ase.getErrorCode()); System.out.println("Request ID: " + ase.getRequestId()); } return securitygroup; }
From source file:AwsSample.java
License:Open Source License
public static void main(String[] args) throws Exception { BasicAWSCredentials credentials = new BasicAWSCredentials("", ""); /********************************************* * /*from ww w . j a v a2 s . c o m*/ * #1 Create Amazon Client object * *********************************************/ System.out.println("#1 Create Amazon Client object"); ec2 = new AmazonEC2Client(credentials); try { /********************************************* * * #2 Describe Availability Zones. * *********************************************/ System.out.println("#2 Describe Availability Zones."); DescribeAvailabilityZonesResult availabilityZonesResult = ec2.describeAvailabilityZones(); System.out.println("You have access to " + availabilityZonesResult.getAvailabilityZones().size() + " Availability Zones."); /********************************************* * * #3 Describe Available Images * *********************************************/ System.out.println("#3 Describe Available Images"); DescribeImagesResult dir = ec2.describeImages(); List<Image> images = dir.getImages(); System.out.println("You have " + images.size() + " Amazon images"); /********************************************* * * #4 Describe Key Pair * *********************************************/ System.out.println("#9 Describe Key Pair"); DescribeKeyPairsResult dkr = ec2.describeKeyPairs(); System.out.println(dkr.toString()); /********************************************* * * #5 Describe Current Instances * *********************************************/ System.out.println("#4 Describe Current Instances"); DescribeInstancesResult describeInstancesRequest = ec2.describeInstances(); List<Reservation> reservations = describeInstancesRequest.getReservations(); Set<Instance> instances = new HashSet<Instance>(); // add all instances to a Set. for (Reservation reservation : reservations) { instances.addAll(reservation.getInstances()); } System.out.println("You have " + instances.size() + " Amazon EC2 instance(s)."); for (Instance ins : instances) { // instance id String instanceId = ins.getInstanceId(); // instance state InstanceState is = ins.getState(); System.out.println(instanceId + " " + is.getName()); } /////////////////////////////////////// String Temp_Group = "Testgroup1"; //name of the group CreateSecurityGroupRequest r1 = new CreateSecurityGroupRequest(Temp_Group, "temporal group"); ec2.createSecurityGroup(r1); AuthorizeSecurityGroupIngressRequest r2 = new AuthorizeSecurityGroupIngressRequest(); r2.setGroupName(Temp_Group); /*************the property of http*****************/ IpPermission permission = new IpPermission(); permission.setIpProtocol("tcp"); permission.setFromPort(80); permission.setToPort(80); List<String> ipRanges = new ArrayList<String>(); ipRanges.add("0.0.0.0/0"); permission.setIpRanges(ipRanges); /*************the property of SSH**********************/ IpPermission permission1 = new IpPermission(); permission1.setIpProtocol("tcp"); permission1.setFromPort(22); permission1.setToPort(22); List<String> ipRanges1 = new ArrayList<String>(); ipRanges1.add("0.0.0.0/22"); permission1.setIpRanges(ipRanges1); /*************the property of https**********************/ IpPermission permission2 = new IpPermission(); permission2.setIpProtocol("tcp"); permission2.setFromPort(443); permission2.setToPort(443); List<String> ipRanges2 = new ArrayList<String>(); ipRanges2.add("0.0.0.0/0"); permission2.setIpRanges(ipRanges2); /*************the property of tcp**********************/ IpPermission permission3 = new IpPermission(); permission3.setIpProtocol("tcp"); permission3.setFromPort(0); permission3.setToPort(65535); List<String> ipRanges3 = new ArrayList<String>(); ipRanges3.add("0.0.0.0/0"); permission3.setIpRanges(ipRanges3); /**********************add rules to the group*********************/ List<IpPermission> permissions = new ArrayList<IpPermission>(); permissions.add(permission); permissions.add(permission1); permissions.add(permission2); permissions.add(permission3); r2.setIpPermissions(permissions); ec2.authorizeSecurityGroupIngress(r2); List<String> groupName = new ArrayList<String>(); groupName.add(Temp_Group);//wait to out our instance into this group /********************************************* * * #6.2 Create a New Key Pair * *********************************************/ CreateKeyPairRequest newKeyRequest = new CreateKeyPairRequest(); newKeyRequest.setKeyName("Test_Key2"); CreateKeyPairResult keyresult = ec2.createKeyPair(newKeyRequest); /************************print the properties of this key*****************/ KeyPair kp = new KeyPair(); kp = keyresult.getKeyPair(); System.out.println("The key we created is = " + kp.getKeyName() + "\nIts fingerprint is=" + kp.getKeyFingerprint() + "\nIts material is= \n" + kp.getKeyMaterial()); String fileName = "C:/Users/Akhil/workspace/Test_Key2.pem"; File distFile = new File(fileName); BufferedReader bufferedReader = new BufferedReader(new StringReader(kp.getKeyMaterial())); BufferedWriter bufferedWriter = new BufferedWriter(new FileWriter(distFile)); char buf[] = new char[1024]; int len; while ((len = bufferedReader.read(buf)) != -1) { bufferedWriter.write(buf, 0, len); } bufferedWriter.flush(); bufferedReader.close(); bufferedWriter.close(); //String myinstance; /********************************************* * * #6 Create an Instance * *********************************************/ System.out.println("#5 Create an Instance"); String imageId = "ami-76f0061f"; //Basic 32-bit Amazon Linux AMI int minInstanceCount = 1; // create 1 instance int maxInstanceCount = 1; RunInstancesRequest rir = new RunInstancesRequest(imageId, minInstanceCount, maxInstanceCount); rir.setKeyName("Test_Key2"); rir.withSecurityGroups("Testgroup1"); RunInstancesResult result = ec2.runInstances(rir); //get instanceId from the result List<Instance> resultInstance = result.getReservation().getInstances(); String createdInstanceId = null; String myAvailabilityZone = null; for (Instance ins : resultInstance) { createdInstanceId = ins.getInstanceId(); System.out.println("New instance has been created: " + ins.getInstanceId()); //myinstance = ins.getInstanceId(); } Thread.currentThread().sleep(60000); /********************************************* * * * Create a New Volume and attach it * ***********************************************/ List<Instance> resultInstance2 = result.getReservation().getInstances(); createdInstanceId = null; for (Instance ins : resultInstance2) { createdInstanceId = ins.getInstanceId(); System.out.println("New instance has been created: " + ins.getInstanceId());//print the instance ID /********************************************* * * #6.4 Create an Instance * *********************************************/ CreateVolumeRequest newVol = new CreateVolumeRequest(1, "us-east-1a"); CreateVolumeResult volresult = ec2.createVolume(newVol); Volume vol1 = volresult.getVolume(); String volId = vol1.getVolumeId(); Thread.currentThread().sleep(30000); AttachVolumeRequest attachRequest = new AttachVolumeRequest().withInstanceId(createdInstanceId) .withVolumeId(volId); attachRequest.withDevice("/dev/sda5"); ec2.attachVolume(attachRequest); System.out.println("EBS volume has been attached and the volume ID is: " + volId); } /********************************************* * * #7 Create a 'tag' for the new instance. * *********************************************/ System.out.println("#6 Create a 'tag' for the new instance."); List<String> resources = new LinkedList<String>(); List<Tag> tags = new LinkedList<Tag>(); Tag nameTag = new Tag("Akhil", "MyFirstInstance"); resources.add(createdInstanceId); tags.add(nameTag); CreateTagsRequest ctr = new CreateTagsRequest(resources, tags); ec2.createTags(ctr); /********************************************* * * #8 Stop/Start an Instance * *********************************************/ System.out.println("#7 Stop the Instance"); List<String> instanceIds = new LinkedList<String>(); instanceIds.add(createdInstanceId); //stop StopInstancesRequest stopIR = new StopInstancesRequest(instanceIds); ec2.stopInstances(stopIR); //start StartInstancesRequest startIR = new StartInstancesRequest(instanceIds); ec2.startInstances(startIR); System.out.println("#8 Getting DNS, IP."); DescribeInstancesRequest request = new DescribeInstancesRequest(); request.setInstanceIds(instanceIds); DescribeInstancesResult result1 = ec2.describeInstances(request); List<Reservation> reservations1 = result1.getReservations(); List<Instance> instances1; for (Reservation res : reservations1) { instances1 = res.getInstances(); for (Instance ins1 : instances1) { System.out .println("The public DNS is: " + ins1.getPublicDnsName() + "\n" + ins1.getRamdiskId()); System.out.println("The private IP is: " + ins1.getPrivateIpAddress()); System.out.println("The public IP is: " + ins1.getPublicIpAddress()); } /********************************************* * #10 Terminate an Instance * *********************************************/ System.out.println("#8 Terminate the Instance"); TerminateInstancesRequest tir = new TerminateInstancesRequest(instanceIds); //ec2.terminateInstances(tir); /********************************************* * * #11 shutdown client object * *********************************************/ ec2.shutdown(); } } catch (AmazonServiceException ase) { System.out.println("Caught Exception: " + ase.getMessage()); System.out.println("Reponse Status Code: " + ase.getStatusCode()); System.out.println("Error Code: " + ase.getErrorCode()); System.out.println("Request ID: " + ase.getRequestId()); } }
From source file:AwsSample.java
License:Open Source License
public static void main(String[] args) throws Exception { AWSCredentials credentials = new PropertiesCredentials( AwsSample.class.getResourceAsStream("AwsCredentials.properties")); /********************************************* * /*from www .ja v a 2s . c om*/ * #1 Create Amazon Client object * *********************************************/ System.out.println("#1 Create Amazon Client object"); ec2 = new AmazonEC2Client(credentials); /********************************************* * Added By Chenyun Zhang * # Create an Amazon EC2 Security Group * *********************************************/ System.out.println("#1 Create an Amazon EC2 Security Group"); CreateSecurityGroupRequest createSecurityGroupRequest = new CreateSecurityGroupRequest(); createSecurityGroupRequest.withGroupName("JavaSecurityGroup").withDescription("My Java Security Group"); CreateSecurityGroupResult createSecurityGroupResult = ec2.createSecurityGroup(createSecurityGroupRequest); /********************************************* * Added By Chenyun Zhang * # Authorize Security Group Ingress * *********************************************/ System.out.println("#2 Authorize Security Group Ingress"); ArrayList<IpPermission> ipPermission = new ArrayList<IpPermission>(); //SSH IpPermission ipssh = new IpPermission(); ipssh.setIpProtocol("tcp"); ipssh.setFromPort(new Integer(22)); ipssh.setToPort(new Integer(22)); //ipssh.withIpRanges(ipRanges); ipssh.withIpRanges("72.69.22.123/32"); ipPermission.add(ipssh); //HTTP IpPermission iphttp = new IpPermission(); iphttp.setIpProtocol("tcp"); iphttp.setFromPort(new Integer(80)); iphttp.setToPort(new Integer(80)); iphttp.withIpRanges("0.0.0.0/0"); ipPermission.add(iphttp); //TCP IpPermission iptcp = new IpPermission(); iptcp.setIpProtocol("tcp"); iptcp.setFromPort(new Integer(49152)); iptcp.setToPort(new Integer(49152)); iptcp.withIpRanges("0.0.0.0/0"); ipPermission.add(iptcp); AuthorizeSecurityGroupIngressRequest authorizeSecurityGroupIngressRequest = new AuthorizeSecurityGroupIngressRequest(); authorizeSecurityGroupIngressRequest.withGroupName("JavaSecurityGroup").withIpPermissions(ipPermission); ec2.authorizeSecurityGroupIngress(authorizeSecurityGroupIngressRequest); /********************************************* * Added By Chenyun Zhang * # Create a Key Pair * *********************************************/ System.out.println("#3 Create a Key Pair"); CreateKeyPairRequest createKeyPairRequest = new CreateKeyPairRequest(); createKeyPairRequest.withKeyName("HW2"); CreateKeyPairResult createKeyPairResult = ec2.createKeyPair(createKeyPairRequest); KeyPair keyPair = new KeyPair(); keyPair = createKeyPairResult.getKeyPair(); String privateKey = keyPair.getKeyMaterial(); //Calling createKeyPair is the only way to obtain the private key programmatically. /********************************************* * Added By Chenyun Zhang * # Download KeyPair * *********************************************/ PrintWriter Storekey = new PrintWriter( "/Users/Annabelle/Documents/NYU-POLY/3/Cloud Computing/HW2" + "/" + "Hw2" + ".pem", "UTF-8"); Storekey.print(privateKey); Storekey.close(); System.out.println("Already store the key!"); try { /********************************************* * * #2 Describe Availability Zones. * *********************************************/ System.out.println("#2 Describe Availability Zones."); DescribeAvailabilityZonesResult availabilityZonesResult = ec2.describeAvailabilityZones(); System.out.println("You have access to " + availabilityZonesResult.getAvailabilityZones().size() + " Availability Zones."); /********************************************* * * #3 Describe Available Images * *********************************************/ System.out.println("#3 Describe Available Images"); DescribeImagesResult dir = ec2.describeImages(); List<Image> images = dir.getImages(); System.out.println("You have " + images.size() + " Amazon images"); /********************************************* * * #4 Describe Key Pair * *********************************************/ System.out.println("#9 Describe Key Pair"); DescribeKeyPairsResult dkr = ec2.describeKeyPairs(); System.out.println(dkr.toString()); /********************************************* * * #5 Describe Current Instances * *********************************************/ System.out.println("#4 Describe Current Instances"); DescribeInstancesResult describeInstancesRequest = ec2.describeInstances(); List<Reservation> reservations = describeInstancesRequest.getReservations(); Set<Instance> instances = new HashSet<Instance>(); // add all instances to a Set. for (Reservation reservation : reservations) { instances.addAll(reservation.getInstances()); } System.out.println("You have " + instances.size() + " Amazon EC2 instance(s)."); for (Instance ins : instances) { // instance id String instanceId = ins.getInstanceId(); // instance state InstanceState is = ins.getState(); System.out.println(instanceId + " " + is.getName()); } /********************************************* * * #6 Create an Instance * *********************************************/ System.out.println("#5 Create an Instance"); String imageId = "ami-76f0061f"; //Basic 64-bit Amazon Linux AMI int minInstanceCount = 1; // create 1 instance int maxInstanceCount = 1; //RunInstancesRequest rir = new RunInstancesRequest(imageId, minInstanceCount, maxInstanceCount); RunInstancesRequest rir = new RunInstancesRequest(); rir.withImageId(imageId).withInstanceType("t1.micro").withMinCount(minInstanceCount) .withMaxCount(maxInstanceCount).withKeyName("HW2").withSecurityGroups("JavaSecurityGroup"); RunInstancesResult result = ec2.runInstances(rir); /********************************************* * Added by Chenyun Zhang * # Get the public Ip address * *********************************************/ //get instanceId from the result List<Instance> resultInstance = result.getReservation().getInstances(); String createdInstanceId = null; for (Instance ins : resultInstance) { createdInstanceId = ins.getInstanceId(); System.out.println("New instance has been created: " + ins.getInstanceId()); //DescribeInstancesRequest and get ip String createdInstanceIp = null; while (createdInstanceIp == null) { System.out.println("Please waiting for 10 seconds!"); Thread.sleep(10000); DescribeInstancesRequest newdescribeInstances = new DescribeInstancesRequest(); DescribeInstancesResult newdescribeInstancesRequest = ec2 .describeInstances(newdescribeInstances); List<Reservation> newreservations = newdescribeInstancesRequest.getReservations(); Set<Instance> allinstances = new HashSet<Instance>(); for (Reservation reservation : newreservations) { allinstances.addAll(reservation.getInstances()); } for (Instance myinst : allinstances) { String instanceId = myinst.getInstanceId(); if (instanceId.equals(createdInstanceId)) { createdInstanceIp = myinst.getPublicIpAddress(); } } } System.out.println("Already get the Ip!"); System.out.println("New instance's ip address is:" + createdInstanceIp); IP = createdInstanceIp; } /********************************************* * * #7 Create a 'tag' for the new instance. * *********************************************/ System.out.println("#6 Create a 'tag' for the new instance."); List<String> resources = new LinkedList<String>(); List<Tag> tags = new LinkedList<Tag>(); Tag nameTag = new Tag("Name", "MyFirstInstance"); resources.add(createdInstanceId); tags.add(nameTag); CreateTagsRequest ctr = new CreateTagsRequest(resources, tags); ec2.createTags(ctr); /********************************************* * Added By Chenyun Zhang * # SSH connect into EC2 * *********************************************/ Thread.sleep(100000); ssh con = new ssh(); con.sshcon(IP); /********************************************* * * #8 Stop/Start an Instance * *********************************************/ System.out.println("#7 Stop the Instance"); List<String> instanceIds = new LinkedList<String>(); instanceIds.add(createdInstanceId); //stop StopInstancesRequest stopIR = new StopInstancesRequest(instanceIds); //ec2.stopInstances(stopIR); //start StartInstancesRequest startIR = new StartInstancesRequest(instanceIds); //ec2.startInstances(startIR); /********************************************* * * #9 Terminate an Instance * *********************************************/ System.out.println("#8 Terminate the Instance"); TerminateInstancesRequest tir = new TerminateInstancesRequest(instanceIds); //ec2.terminateInstances(tir); /********************************************* * * #10 shutdown client object * *********************************************/ ec2.shutdown(); } catch (AmazonServiceException ase) { System.out.println("Caught Exception: " + ase.getMessage()); System.out.println("Reponse Status Code: " + ase.getStatusCode()); System.out.println("Error Code: " + ase.getErrorCode()); System.out.println("Request ID: " + ase.getRequestId()); } }
From source file:advanced.CreateSecurityGroupApp.java
License:Open Source License
/** * @param args//from ww w . j ava 2s .c om */ public static void main(String[] args) { // Retrieves the credentials from an AWSCredentials.properties file. AWSCredentials credentials = null; try { credentials = new PropertiesCredentials( InlineTaggingCodeSampleApp.class.getResourceAsStream("AwsCredentials.properties")); } catch (IOException e1) { System.out.println("Credentials were not properly entered into AwsCredentials.properties."); System.out.println(e1.getMessage()); System.exit(-1); } // Create the AmazonEC2Client object so we can call various APIs. AmazonEC2 ec2 = new AmazonEC2Client(credentials); // Create a new security group. try { CreateSecurityGroupRequest securityGroupRequest = new CreateSecurityGroupRequest("GettingStartedGroup", "Getting Started Security Group"); ec2.createSecurityGroup(securityGroupRequest); } catch (AmazonServiceException ase) { // Likely this means that the group is already created, so ignore. System.out.println(ase.getMessage()); } String ipAddr = "0.0.0.0/0"; // Get the IP of the current host, so that we can limit the Security Group // by default to the ip range associated with your subnet. try { InetAddress addr = InetAddress.getLocalHost(); // Get IP Address ipAddr = addr.getHostAddress() + "/10"; } catch (UnknownHostException e) { } //System.exit(-1); // Create a range that you would like to populate. ArrayList<String> ipRanges = new ArrayList<String>(); ipRanges.add(ipAddr); // Open up port 23 for TCP traffic to the associated IP from above (e.g. ssh traffic). ArrayList<IpPermission> ipPermissions = new ArrayList<IpPermission>(); IpPermission ipPermission = new IpPermission(); ipPermission.setIpProtocol("tcp"); ipPermission.setFromPort(new Integer(22)); ipPermission.setToPort(new Integer(22)); ipPermission.setIpRanges(ipRanges); ipPermissions.add(ipPermission); try { // Authorize the ports to the used. AuthorizeSecurityGroupIngressRequest ingressRequest = new AuthorizeSecurityGroupIngressRequest( "GettingStartedGroup", ipPermissions); ec2.authorizeSecurityGroupIngress(ingressRequest); } catch (AmazonServiceException ase) { // Ignore because this likely means the zone has already been authorized. System.out.println(ase.getMessage()); } }
From source file:aws.sample.CreateSecurityGroupApp.java
License:Open Source License
/** * @param args/*from w w w. ja v a2s .c om*/ */ public static void main(String[] args) { // Retrieves the credentials from an AWSCredentials.properties file. AWSCredentials credentials = null; try { credentials = new PropertiesCredentials( InlineGettingStartedCodeSampleApp.class.getResourceAsStream("AwsCredentials.properties")); } catch (IOException e1) { System.out.println("Credentials were not properly entered into AwsCredentials.properties."); System.out.println(e1.getMessage()); System.exit(-1); } // Create the AmazonEC2Client object so we can call various APIs. AmazonEC2 ec2 = new AmazonEC2Client(credentials); // Create a new security group. try { CreateSecurityGroupRequest securityGroupRequest = new CreateSecurityGroupRequest("GettingStartedGroup", "Getting Started Security Group"); ec2.createSecurityGroup(securityGroupRequest); } catch (AmazonServiceException ase) { // Likely this means that the group is already created, so ignore. System.out.println(ase.getMessage()); } String ipAddr = "0.0.0.0/0"; // Get the IP of the current host, so that we can limit the Security Group // by default to the ip range associated with your subnet. try { InetAddress addr = InetAddress.getLocalHost(); // Get IP Address ipAddr = addr.getHostAddress() + "/10"; } catch (UnknownHostException e) { } // System.exit(-1); // Create a range that you would like to populate. ArrayList<String> ipRanges = new ArrayList<String>(); ipRanges.add(ipAddr); // Open up port 23 for TCP traffic to the associated IP from above (e.g. ssh traffic). ArrayList<IpPermission> ipPermissions = new ArrayList<IpPermission>(); IpPermission ipPermission = new IpPermission(); ipPermission.setIpProtocol("tcp"); ipPermission.setFromPort(new Integer(22)); ipPermission.setToPort(new Integer(22)); ipPermission.setIpRanges(ipRanges); ipPermissions.add(ipPermission); try { // Authorize the ports to the used. AuthorizeSecurityGroupIngressRequest ingressRequest = new AuthorizeSecurityGroupIngressRequest( "GettingStartedGroup", ipPermissions); ec2.authorizeSecurityGroupIngress(ingressRequest); } catch (AmazonServiceException ase) { // Ignore because this likely means the zone has already been authorized. System.out.println(ase.getMessage()); } }
From source file:com.appdynamics.connectors.AWSConnector.java
License:Apache License
private void validateAndConfigureSecurityGroups(List<String> securityGroupNames, AmazonEC2 connector) throws ConnectorException { DescribeSecurityGroupsRequest describeSecurityGroupsRequest = new DescribeSecurityGroupsRequest(); DescribeSecurityGroupsResult describeSecurityGroupsResult = connector .describeSecurityGroups(describeSecurityGroupsRequest.withGroupNames(securityGroupNames)); String controllerIp = "0.0.0.0/0"; int agentPort = controllerServices.getDefaultAgentPort(); // check if any one of the security group // already has agent port and controller ip List<SecurityGroup> securityGroups = describeSecurityGroupsResult.getSecurityGroups(); for (SecurityGroup securityGroup : securityGroups) { List<IpPermission> ipPermissions = securityGroup.getIpPermissions(); for (IpPermission permission : ipPermissions) { if (permission.getIpRanges().contains(controllerIp) && (agentPort >= permission.getFromPort() && agentPort <= permission.getToPort())) { return; }//from ww w . j av a 2s . c om } } String securityGroup = null; if (securityGroups.contains(Utils.DEFAULT_SECURITY_GROUP)) { securityGroup = Utils.DEFAULT_SECURITY_GROUP; } else { securityGroup = securityGroups.get(0).getGroupName(); } IpPermission ipPermission = new IpPermission(); ipPermission.setFromPort(agentPort); ipPermission.setToPort(agentPort); ipPermission.setIpProtocol("tcp"); ipPermission.setIpRanges(Lists.newArrayList(controllerIp)); connector.authorizeSecurityGroupIngress( new AuthorizeSecurityGroupIngressRequest(securityGroup, Lists.newArrayList(ipPermission))); }
From source file:com.indemnity83.ephemeral.api.SecurityGroup.java
License:Open Source License
public SecurityGroup allow(int port, String protocol, String source) { ArrayList<String> ranges = new ArrayList<String>(); ranges.add(source);//from www .j av a2s . c om IpPermission rule = new IpPermission(); rule.setIpProtocol(protocol); rule.setFromPort(port); rule.setToPort(port); rule.setIpRanges(ranges); ipPermissions.add(rule); return this; }
From source file:com.norbl.cbp.ppe.SecurityGroupFactory.java
License:Open Source License
private IpPermission createIPPermissionIP(String protocol, int fromPort, int toPort, String ip) { IpPermission ipp = new IpPermission(); ipp.setIpProtocol(protocol); ipp.setFromPort(fromPort);//from w w w . ja v a 2s . com ipp.setToPort(toPort); List<String> ips = new ArrayList<String>(); ips.add(ip); ipp.setIpRanges(ips); return (ipp); }
From source file:com.norbl.cbp.ppe.SecurityGroupFactory.java
License:Open Source License
private IpPermission createIPPermissionGroup(String protocol, int fromPort, int toPort, String group) { IpPermission ipp = new IpPermission(); ipp.setIpProtocol(protocol); ipp.setFromPort(fromPort);/* w ww . j a v a 2s .com*/ ipp.setToPort(toPort); List<UserIdGroupPair> gps = new ArrayList<UserIdGroupPair>(); UserIdGroupPair gp = new UserIdGroupPair(); gp.setGroupName(group); gp.setUserId(params.getAWSUserID()); gps.add(gp); ipp.setUserIdGroupPairs(gps); return (ipp); }
From source file:ec2_device_manager.CreateSecurityGroupApp.java
License:Open Source License
/** * @param args//from w ww . j av a2s .c o m */ public static void main(String[] args) { // Retrieves the credentials from an AWSCredentials.properties file. AWSCredentials credentials = null; try { credentials = new PropertiesCredentials( CreateSecurityGroupApp.class.getResourceAsStream("AwsCredentials.properties")); } catch (IOException e1) { System.out.println("Credentials were not properly entered into AwsCredentials.properties."); System.out.println(e1.getMessage()); System.exit(-1); } // Create the AmazonEC2Client object so we can call various APIs. AmazonEC2 ec2 = new AmazonEC2Client(credentials); // Create a new security group. try { CreateSecurityGroupRequest securityGroupRequest = new CreateSecurityGroupRequest("GettingStartedGroup", "Getting Started Security Group"); ec2.createSecurityGroup(securityGroupRequest); } catch (AmazonServiceException ase) { // Likely this means that the group is already created, so ignore. System.out.println(ase.getMessage()); } String ipAddr = "0.0.0.0/0"; // Get the IP of the current host, so that we can limit the Security Group // by default to the ip range associated with your subnet. try { InetAddress addr = InetAddress.getLocalHost(); // Get IP Address ipAddr = addr.getHostAddress() + "/10"; } catch (UnknownHostException e) { } //System.exit(-1); // Create a range that you would like to populate. ArrayList<String> ipRanges = new ArrayList<String>(); ipRanges.add(ipAddr); // Open up port 23 for TCP traffic to the associated IP from above (e.g. ssh traffic). ArrayList<IpPermission> ipPermissions = new ArrayList<IpPermission>(); IpPermission ipPermission = new IpPermission(); ipPermission.setIpProtocol("tcp"); ipPermission.setFromPort(new Integer(22)); ipPermission.setToPort(new Integer(22)); ipPermission.setIpRanges(ipRanges); ipPermissions.add(ipPermission); try { // Authorize the ports to the used. AuthorizeSecurityGroupIngressRequest ingressRequest = new AuthorizeSecurityGroupIngressRequest( "GettingStartedGroup", ipPermissions); ec2.authorizeSecurityGroupIngress(ingressRequest); } catch (AmazonServiceException ase) { // Ignore because this likely means the zone has already been authorized. System.out.println(ase.getMessage()); } }