List of usage examples for com.amazonaws.services.ec2.model IpPermission withIpProtocol
public IpPermission withIpProtocol(String ipProtocol)
From source file:de.unibi.cebitec.bibigrid.meta.aws.CreateClusterEnvironmentAWS.java
/**
 * Tags the subnet, records the master IP, then creates and populates the cluster's
 * security group.
 *
 * <p>Ingress rules authorized on the new group, in the order they are added:
 * <ol>
 *   <li>TCP port 22 from {@code 0.0.0.0/0} (any IPv4 source);</li>
 *   <li>TCP 0-65535, UDP 0-65535 and ICMP (-1/-1) from members of the group itself;</li>
 *   <li>for every {@code Port} in the cluster configuration, that single port over both
 *       TCP and UDP from the configured {@code iprange}.</li>
 * </ol>
 *
 * <p>Exceptions thrown by the EC2 client are not caught here and propagate to the caller.
 *
 * @return this instance, for call chaining
 */
@Override
public CreateClusterEnvironmentAWS createSecurityGroup() {
    // Give the subnet the cluster tag plus a human-readable Name tag.
    CreateTagsRequest subnetTagRequest = new CreateTagsRequest()
            .withResources(subnet.getSubnetId())
            .withTags(cluster.getBibigridid(), new Tag("Name", SUBNET_PREFIX + cluster.getClusterId()));
    cluster.getEc2().createTags(subnetTagRequest);

    // MASTERIP is whatever SubNets.getFirstIP yields for the subnet's CIDR block.
    MASTERIP = SubNets.getFirstIP(subnet.getCidrBlock());

    // Security group: full access between members, SSH from outside.
    log.info("Creating security group...");
    CreateSecurityGroupRequest groupRequest = new CreateSecurityGroupRequest()
            .withGroupName(SECURITY_GROUP_PREFIX + cluster.getClusterId())
            .withDescription(cluster.getClusterId())
            .withVpcId(vpc.getVpcId());
    secReqResult = cluster.getEc2().createSecurityGroup(groupRequest);
    final String groupId = secReqResult.getGroupId();
    log.info(V, "security group id: {}", groupId);

    // Self-reference: the source of the "internal" rules is membership in this same group.
    UserIdGroupPair selfReference = new UserIdGroupPair().withGroupId(groupId);

    List<IpPermission> ingressRules = new ArrayList<>();

    // NOTE(review): SSH is reachable from every IPv4 address. The source range is a literal,
    // not taken from configuration, so it cannot be narrowed (e.g. to an admin or bastion
    // CIDR) without a code change; access then rests entirely on the instance's SSH setup.
    ingressRules.add(new IpPermission()
            .withIpProtocol("tcp")
            .withFromPort(22)
            .withToPort(22)
            .withIpRanges("0.0.0.0/0"));

    // Unrestricted TCP and UDP between group members (whole port range).
    ingressRules.add(new IpPermission()
            .withIpProtocol("tcp")
            .withFromPort(0)
            .withToPort(65535)
            .withUserIdGroupPairs(selfReference));
    ingressRules.add(new IpPermission()
            .withIpProtocol("udp")
            .withFromPort(0)
            .withToPort(65535)
            .withUserIdGroupPairs(selfReference));

    // For ICMP the EC2 API reads from/to as type/code; -1 selects all of them.
    ingressRules.add(new IpPermission()
            .withIpProtocol("icmp")
            .withFromPort(-1)
            .withToPort(-1)
            .withUserIdGroupPairs(selfReference));

    // NOTE(review): each configured port is opened for TCP *and* UDP, and port.iprange is
    // handed to EC2 as-is. No check is visible here that rejects an overly broad range such
    // as 0.0.0.0/0 -- confirm the configuration loader validates it.
    for (Port extraPort : cluster.getConfig().getPorts()) {
        log.info("{}:{}", extraPort.iprange, "" + extraPort.number);
        for (String protocol : new String[] {"tcp", "udp"}) {
            ingressRules.add(new IpPermission()
                    .withIpProtocol(protocol)
                    .withFromPort(extraPort.number)
                    .withToPort(extraPort.number)
                    .withIpRanges(extraPort.iprange));
        }
    }

    AuthorizeSecurityGroupIngressRequest ingressRequest = new AuthorizeSecurityGroupIngressRequest()
            .withGroupId(groupId)
            .withIpPermissions(ingressRules);

    // The group is tagged first; the rules are authorized afterwards in a single request.
    CreateTagsRequest groupTagRequest = new CreateTagsRequest()
            .withResources(groupId)
            .withTags(cluster.getBibigridid(),
                    new Tag("Name", SECURITY_GROUP_PREFIX + cluster.getClusterId()));
    cluster.getEc2().createTags(groupTagRequest);
    cluster.getEc2().authorizeSecurityGroupIngress(ingressRequest);

    return this;
}
From source file:org.apache.usergrid.chop.api.store.amazon.AmazonIpRuleManager.java
License:Apache License
/**
 * Revokes a single-port ingress rule from the named security group.
 *
 * <p>The rule to revoke is described by {@code protocol}, {@code port} (used as both the
 * lower and upper port bound) and {@code ipRanges}. The result of the revoke call is
 * discarded, so this method does not report whether a matching rule was actually removed;
 * exceptions from the client are not caught and propagate to the caller.
 *
 * @param name     name of the security group to modify
 * @param ipRanges source CIDR ranges of the rule being revoked
 * @param protocol IP protocol of the rule, passed through to EC2 unchanged
 * @param port     port of the rule
 */
@Override
public void deleteRules(final String name, final Collection<String> ipRanges, final String protocol,
        final int port) {
    final IpPermission rule = new IpPermission()
            .withIpProtocol(protocol)
            .withFromPort(port)
            .withToPort(port)
            .withIpRanges(ipRanges);

    // NOTE(review): the group is addressed by name, not ID. EC2 resolves group names only
    // for EC2-Classic / the default VPC -- confirm callers never target a non-default VPC,
    // otherwise a rule that should be closed may stay in place.
    final RevokeSecurityGroupIngressRequest revocation = new RevokeSecurityGroupIngressRequest()
            .withGroupName(name)
            .withIpPermissions(rule);

    client.revokeSecurityGroupIngress(revocation);
}