List of usage examples for com.amazonaws.services.ec2.model IpPermission withIpRanges
@Deprecated
public IpPermission withIpRanges(java.util.Collection<String> ipRanges)
One or more IP ranges.
From source file:HW1.java
License:Open Source License
public static void main(String[] args) throws Exception { AWSCredentials credentials = new PropertiesCredentials( HW1.class.getResourceAsStream("AwsCredentials.properties")); /********************************************* * //from w w w.ja v a2s. c o m * #1 Create Amazon Client object * *********************************************/ System.out.println("#1 Create Amazon Client object"); ec2 = new AmazonEC2Client(credentials); ec2.setEndpoint("https://us-east-1.ec2.amazonaws.com"); System.out.println("Please enter required group name and key name... (consider them to be the same)"); Scanner scan = new Scanner(System.in); final String keyGroupName = scan.nextLine(); /* create security group */ CreateSecurityGroupRequest createSecurityGroupRequest = new CreateSecurityGroupRequest(); createSecurityGroupRequest.withGroupName(keyGroupName).withDescription("My Java Security Group"); CreateSecurityGroupResult createSecurityGroupResult = ec2.createSecurityGroup(createSecurityGroupRequest); /* set ip settings */ IpPermission ipPermission = new IpPermission(); /* authorize tcp, ssh 22 */ ipPermission.withIpRanges("0.0.0.0/0").withIpProtocol("tcp").withFromPort(22) /* authorize http 80 */ .withToPort(80); AuthorizeSecurityGroupIngressRequest authorizeSecurityGroupIngressRequest = new AuthorizeSecurityGroupIngressRequest(); authorizeSecurityGroupIngressRequest.withGroupName(keyGroupName).withIpPermissions(ipPermission); ec2.authorizeSecurityGroupIngress(authorizeSecurityGroupIngressRequest); /* create key pair */ CreateKeyPairRequest createKeyPairRequest = new CreateKeyPairRequest(); createKeyPairRequest.withKeyName(keyGroupName); CreateKeyPairResult createKeyPairResult = ec2.createKeyPair(createKeyPairRequest); KeyPair keyPair = new KeyPair(); keyPair = createKeyPairResult.getKeyPair(); String privateKey = keyPair.getKeyMaterial(); PrintWriter file = new PrintWriter("/Users/will/.ssh/" + keyGroupName + ".pem"); file.print(privateKey); file.close(); Runtime.getRuntime().exec("chmod 400 /Users/will/.ssh/" + keyGroupName + ".pem"); try { /********************************************* * * #2 Create two Instances * *********************************************/ System.out.println(); System.out.println("#2 Create two new Instances"); int ready_num = 0; String insDNS1 = new String(); String insDNS2 = new String(); String insId1 = new String(); String insId2 = new String(); String insZone1 = new String(); String insZone2 = new String(); String imageId = "ami-76f0061f"; //Basic 32-bit Amazon Linux AMI int minInstanceCount = 2; // create 2 instance int maxInstanceCount = 2; /* create instances */ RunInstancesRequest rir = new RunInstancesRequest(imageId, minInstanceCount, maxInstanceCount); rir.withKeyName(keyGroupName).withSecurityGroups(keyGroupName); ec2.runInstances(rir); /* waiting for instance to start */ System.out.println("Created instance, wait for pending..."); DescribeInstancesResult describeInstancesRequest; List<Reservation> reservations; List<Instance> allInstances = new ArrayList<Instance>(); while (ready_num < 2) { describeInstancesRequest = ec2.describeInstances(); reservations = describeInstancesRequest.getReservations(); for (Reservation reservation : reservations) { for (Instance ins : reservation.getInstances()) { if (ins.getState().getName().compareTo("running") == 0 && ins.getPublicIpAddress() != null) { if (allInstances.size() == 0 || (allInstances.size() > 0 && allInstances.get(0).getInstanceId().compareTo(ins.getInstanceId()) != 0)) { ready_num++; allInstances.add(ins); } } } } } System.out.println("You have " + allInstances.size() + " Amazon EC2 instance(s)."); insId1 = allInstances.get(0).getInstanceId(); insId2 = allInstances.get(1).getInstanceId(); insDNS1 = allInstances.get(0).getPublicIpAddress(); insDNS2 = allInstances.get(1).getPublicIpAddress(); insZone1 = allInstances.get(0).getPlacement().getAvailabilityZone(); insZone2 = allInstances.get(1).getPlacement().getAvailabilityZone(); for (Instance ins : allInstances) { System.out.println("New instance has been created: " + ins.getInstanceId()); } System.out.println("Both instances are running now:"); System.out.println("Instance id1: " + insId1); System.out.println("IP: " + insDNS1); System.out.println("Zone: " + insZone1); System.out.println("Instance id1: " + insId2); System.out.println("IP: " + insDNS2); System.out.println("Zone: " + insZone2); System.out.println(); /********************************************* * #3 Check OR Create two volumes *********************************************/ System.out.println(); System.out.println("#3 Create volumes"); String volume_name1 = createVolume(insZone1, null); String volume_name2 = createVolume(insZone2, null); /********************************************* * #4 Attach the volume to the instance *********************************************/ System.out.println(); System.out.println("#4 Attach the volume to the instance"); System.out.println("Wait for volumes to be available..."); Thread.sleep(20000); /* attach instances to existing volume */ attachVolume(insId1, volume_name1); attachVolume(insId2, volume_name2); /************************************************ * #5 S3 bucket and object ***************************************************/ System.out.println(); System.out.println("#5 S3 bucket and object"); s3 = new AmazonS3Client(credentials); /* create bucket */ String bucketName = "cloud-hw1-bucket"; s3.createBucket(bucketName); /* set key */ String key = "object-hw1.txt"; /* set value */ File new_file = File.createTempFile("temp", ".txt"); new_file.deleteOnExit(); Writer writer = new OutputStreamWriter(new FileOutputStream(new_file)); writer.write("This is the file stored on the S3 storage on the first day!!!."); writer.close(); /* put object - bucket, key, value(file) */ s3.putObject(new PutObjectRequest(bucketName, key, new_file)); System.out.println("Successfully put file temp.txt to S3, we will read it tomorrow..."); System.out.println(); /*********************************** * #3 Monitoring (CloudWatch) *********************************/ System.out.println(); System.out.println("#6 set up cloudwatch"); try { /* create CloudWatch client */ AmazonCloudWatchClient cloudWatch = new AmazonCloudWatchClient(credentials); /* create request message1 */ GetMetricStatisticsRequest statRequest1 = new GetMetricStatisticsRequest(); GetMetricStatisticsRequest statRequest2 = new GetMetricStatisticsRequest(); /* set up request message */ statRequest1.setNamespace("AWS/EC2"); //namespace statRequest2.setNamespace("AWS/EC2"); //namespace statRequest1.setPeriod(60); //period of data statRequest2.setPeriod(60); //period of data ArrayList<String> stats = new ArrayList<String>(); /* Use one of these strings: Average, Maximum, Minimum, SampleCount, Sum */ stats.add("Average"); stats.add("Sum"); statRequest1.setStatistics(stats); statRequest2.setStatistics(stats); /* Use one of these strings: CPUUtilization, NetworkIn, NetworkOut, DiskReadBytes, DiskWriteBytes, DiskReadOperations */ statRequest1.setMetricName("CPUUtilization"); statRequest2.setMetricName("CPUUtilization"); /* set time */ GregorianCalendar calendar = new GregorianCalendar(TimeZone.getTimeZone("UTC")); calendar.add(GregorianCalendar.SECOND, -1 * calendar.get(GregorianCalendar.SECOND)); // 1 second ago Date endTime = calendar.getTime(); calendar.add(GregorianCalendar.MINUTE, -10); // 10 minutes ago Date startTime = calendar.getTime(); statRequest1.setStartTime(startTime); statRequest1.setEndTime(endTime); statRequest2.setStartTime(startTime); statRequest2.setEndTime(endTime); /* specify an instance */ ArrayList<Dimension> dimensions1 = new ArrayList<Dimension>(); dimensions1.add(new Dimension().withName("InstanceId").withValue(insId1)); ArrayList<Dimension> dimensions2 = new ArrayList<Dimension>(); dimensions2.add(new Dimension().withName("InstanceId").withValue(insId2)); statRequest1.setDimensions(dimensions1); statRequest2.setDimensions(dimensions2); System.out.println("Set up cloud watch for instance: " + insId1 + " and instance: " + insId2); /* !!!!!!!!!!!!here set for 10 loops for now */ /* get statistics */ for (int i = 0; i < 10; i++) { GetMetricStatisticsResult statResult1 = cloudWatch.getMetricStatistics(statRequest1); GetMetricStatisticsResult statResult2 = cloudWatch.getMetricStatistics(statRequest2); /* display */ System.out.println("Instance 1: " + statResult1.toString()); List<Datapoint> dataList = statResult1.getDatapoints(); Double averageCPU = null; Date timeStamp = null; for (Datapoint d : dataList) { averageCPU = d.getAverage(); timeStamp = d.getTimestamp(); System.out .println("Instance 1 average CPU utlilization for last 10 minutes: " + averageCPU); System.out.println("Instance 1 total CPU utlilization for last 10 minutes: " + d.getSum()); } System.out.println(); System.out.println("Instance 2: " + statResult1.toString()); dataList = statResult2.getDatapoints(); for (Datapoint d : dataList) { averageCPU = d.getAverage(); timeStamp = d.getTimestamp(); System.out .println("Instance 2 average CPU utlilization for last 10 minutes: " + averageCPU); System.out.println("Instance 2 total CPU utlilization for last 10 minutes: " + d.getSum()); } } } catch (AmazonServiceException ase) { System.out.println("Caught Exception: " + ase.getMessage()); System.out.println("Reponse Status Code: " + ase.getStatusCode()); System.out.println("Error Code: " + ase.getErrorCode()); System.out.println("Request ID: " + ase.getRequestId()); } /*********************************** * # Copy script to * instance and run *********************************/ System.out.println(); System.out.println("Waiting for init and automatically SSH..."); /* call runtime exec to run scp */ execCmdRuby(insDNS1, keyGroupName); /*********************************** * # Save instances to image *********************************/ System.out.println(); System.out.println("******* Approaching 5:00 pm, create ami for instances *********"); String imageId1; String imageId2; String snapshot1; String snapshot2; imageId1 = createAmiFromInstance(insId1, "image1", true); imageId2 = createAmiFromInstance(insId2, "image2", true); System.out.println("Created first image id: " + imageId1); System.out.println("Created second image id: " + imageId2); snapshot1 = createSnapShotFromVolume(volume_name1); snapshot2 = createSnapShotFromVolume(volume_name2); System.out.println("Created first snapshot id: " + snapshot1); System.out.println("Created second snapshot id: " + snapshot2); /********************************************* * * # Stop Instances * *********************************************/ System.out.println(); System.out.println("#7 Stop & terminate the Instance"); List<String> instanceIds = new LinkedList<String>(); instanceIds.add(insId1); instanceIds.add(insId2); /* stop instances */ StopInstancesRequest stopIR = new StopInstancesRequest(instanceIds); ec2.stopInstances(stopIR); TerminateInstancesRequest tir = new TerminateInstancesRequest(instanceIds); ec2.terminateInstances(tir); /********************************************* * * # Detach volumes * *********************************************/ System.out.println(); System.out.println("Detach the volumes from the instances..."); deatchVolume(insId1, volume_name1); deatchVolume(insId2, volume_name2); /********************************************* * * # Delete Volumes * *********************************************/ System.out.println(); while (true) { if (getVolumeState(volume_name1).compareTo("available") == 0 && getVolumeState(volume_name2).compareTo("available") == 0) break; } System.out.println("Delete volumes..."); Thread.sleep(10000); deleteVolume(volume_name1); deleteVolume(volume_name2); /********************************************* * * # Second day restore instances and volumes * *********************************************/ System.out.println(); System.out.println("#8 Second day start up instances from stored amis..."); String newInsId1 = ""; String newInsId2 = ""; String newInsIP1 = ""; String newInsIP2 = ""; String newInsZone1 = ""; String newInsZone2 = ""; newInsId1 = createInstanceFromImageId(imageId1, keyGroupName); newInsId2 = createInstanceFromImageId(imageId2, keyGroupName); System.out.println("Second day first instance has been restored with id: " + newInsId1); System.out.println("Second day second instance has been restored with id: " + newInsId2); newInsZone1 = getInstanceZone(newInsId1); newInsZone2 = getInstanceZone(newInsId2); System.out.println("New instance 1 zone: " + newInsZone1); System.out.println("New instance 2 zone: " + newInsZone2); newInsIP1 = getInstanceIP(newInsId1); newInsIP2 = getInstanceIP(newInsId2); System.out.println("New instance 1 IP: " + newInsIP1); System.out.println("New instance 2 IP: " + newInsIP2); Thread.sleep(120000); /* exec read */ System.out.println(); System.out.println("Now start to read the file stored yesterday..."); execCmdRead(newInsIP1, keyGroupName); /********************************************* * * #9 Read data from S3 * *********************************************/ /* get the object from the first day */ System.out.println(); System.out.println("#9 Reading data from S3 stored on the first day"); S3Object object = s3.getObject(new GetObjectRequest(bucketName, key)); BufferedReader reader = new BufferedReader(new InputStreamReader(object.getObjectContent())); String data = null; while ((data = reader.readLine()) != null) { System.out.println(data); } /********************************************* * * #10 shutdown client object * *********************************************/ System.out.println("#10 shutdown client objects"); ec2.shutdown(); s3.shutdown(); } catch (AmazonServiceException ase) { System.out.println("Caught Exception: " + ase.getMessage()); System.out.println("Reponse Status Code: " + ase.getStatusCode()); System.out.println("Error Code: " + ase.getErrorCode()); System.out.println("Request ID: " + ase.getRequestId()); } }
From source file:virtualIT.java
License:Open Source License
private void setRulesSecurityGroup(String securityGroupName) { //Add rules to your group IpPermission tcpIpPermission = new IpPermission(); IpPermission httpIpPermission = new IpPermission(); IpPermission sshIpPermission = new IpPermission(); tcpIpPermission.withIpRanges("0.0.0.0/0").withIpProtocol("tcp").withFromPort(0).withToPort(65535); httpIpPermission.withIpRanges("0.0.0.0/0").withIpProtocol("tcp").withFromPort(80).withToPort(80); sshIpPermission.withIpRanges("0.0.0.0/0").withIpProtocol("tcp").withFromPort(22).withToPort(22); List<IpPermission> ipPermissionList = new ArrayList<IpPermission>(); ipPermissionList.add(tcpIpPermission); ipPermissionList.add(httpIpPermission); ipPermissionList.add(sshIpPermission); AuthorizeSecurityGroupIngressRequest authorizeSecurityGroupIngressRequest = new AuthorizeSecurityGroupIngressRequest(); authorizeSecurityGroupIngressRequest.withGroupName(securityGroupName).withIpPermissions(ipPermissionList); ec2.authorizeSecurityGroupIngress(authorizeSecurityGroupIngressRequest); }
From source file:AwsSample.java
License:Open Source License
public static void main(String[] args) throws Exception { AWSCredentials credentials = new PropertiesCredentials( AwsSample.class.getResourceAsStream("AwsCredentials.properties")); /********************************************* * //from w ww .jav a 2 s . c o m * #1 Create Amazon Client object * *********************************************/ System.out.println("#1 Create Amazon Client object"); ec2 = new AmazonEC2Client(credentials); /********************************************* * Added By Chenyun Zhang * # Create an Amazon EC2 Security Group * *********************************************/ System.out.println("#1 Create an Amazon EC2 Security Group"); CreateSecurityGroupRequest createSecurityGroupRequest = new CreateSecurityGroupRequest(); createSecurityGroupRequest.withGroupName("JavaSecurityGroup").withDescription("My Java Security Group"); CreateSecurityGroupResult createSecurityGroupResult = ec2.createSecurityGroup(createSecurityGroupRequest); /********************************************* * Added By Chenyun Zhang * # Authorize Security Group Ingress * *********************************************/ System.out.println("#2 Authorize Security Group Ingress"); ArrayList<IpPermission> ipPermission = new ArrayList<IpPermission>(); //SSH IpPermission ipssh = new IpPermission(); ipssh.setIpProtocol("tcp"); ipssh.setFromPort(new Integer(22)); ipssh.setToPort(new Integer(22)); //ipssh.withIpRanges(ipRanges); ipssh.withIpRanges("72.69.22.123/32"); ipPermission.add(ipssh); //HTTP IpPermission iphttp = new IpPermission(); iphttp.setIpProtocol("tcp"); iphttp.setFromPort(new Integer(80)); iphttp.setToPort(new Integer(80)); iphttp.withIpRanges("0.0.0.0/0"); ipPermission.add(iphttp); //TCP IpPermission iptcp = new IpPermission(); iptcp.setIpProtocol("tcp"); iptcp.setFromPort(new Integer(49152)); iptcp.setToPort(new Integer(49152)); iptcp.withIpRanges("0.0.0.0/0"); ipPermission.add(iptcp); AuthorizeSecurityGroupIngressRequest authorizeSecurityGroupIngressRequest = new AuthorizeSecurityGroupIngressRequest(); authorizeSecurityGroupIngressRequest.withGroupName("JavaSecurityGroup").withIpPermissions(ipPermission); ec2.authorizeSecurityGroupIngress(authorizeSecurityGroupIngressRequest); /********************************************* * Added By Chenyun Zhang * # Create a Key Pair * *********************************************/ System.out.println("#3 Create a Key Pair"); CreateKeyPairRequest createKeyPairRequest = new CreateKeyPairRequest(); createKeyPairRequest.withKeyName("HW2"); CreateKeyPairResult createKeyPairResult = ec2.createKeyPair(createKeyPairRequest); KeyPair keyPair = new KeyPair(); keyPair = createKeyPairResult.getKeyPair(); String privateKey = keyPair.getKeyMaterial(); //Calling createKeyPair is the only way to obtain the private key programmatically. /********************************************* * Added By Chenyun Zhang * # Download KeyPair * *********************************************/ PrintWriter Storekey = new PrintWriter( "/Users/Annabelle/Documents/NYU-POLY/3/Cloud Computing/HW2" + "/" + "Hw2" + ".pem", "UTF-8"); Storekey.print(privateKey); Storekey.close(); System.out.println("Already store the key!"); try { /********************************************* * * #2 Describe Availability Zones. * *********************************************/ System.out.println("#2 Describe Availability Zones."); DescribeAvailabilityZonesResult availabilityZonesResult = ec2.describeAvailabilityZones(); System.out.println("You have access to " + availabilityZonesResult.getAvailabilityZones().size() + " Availability Zones."); /********************************************* * * #3 Describe Available Images * *********************************************/ System.out.println("#3 Describe Available Images"); DescribeImagesResult dir = ec2.describeImages(); List<Image> images = dir.getImages(); System.out.println("You have " + images.size() + " Amazon images"); /********************************************* * * #4 Describe Key Pair * *********************************************/ System.out.println("#9 Describe Key Pair"); DescribeKeyPairsResult dkr = ec2.describeKeyPairs(); System.out.println(dkr.toString()); /********************************************* * * #5 Describe Current Instances * *********************************************/ System.out.println("#4 Describe Current Instances"); DescribeInstancesResult describeInstancesRequest = ec2.describeInstances(); List<Reservation> reservations = describeInstancesRequest.getReservations(); Set<Instance> instances = new HashSet<Instance>(); // add all instances to a Set. for (Reservation reservation : reservations) { instances.addAll(reservation.getInstances()); } System.out.println("You have " + instances.size() + " Amazon EC2 instance(s)."); for (Instance ins : instances) { // instance id String instanceId = ins.getInstanceId(); // instance state InstanceState is = ins.getState(); System.out.println(instanceId + " " + is.getName()); } /********************************************* * * #6 Create an Instance * *********************************************/ System.out.println("#5 Create an Instance"); String imageId = "ami-76f0061f"; //Basic 64-bit Amazon Linux AMI int minInstanceCount = 1; // create 1 instance int maxInstanceCount = 1; //RunInstancesRequest rir = new RunInstancesRequest(imageId, minInstanceCount, maxInstanceCount); RunInstancesRequest rir = new RunInstancesRequest(); rir.withImageId(imageId).withInstanceType("t1.micro").withMinCount(minInstanceCount) .withMaxCount(maxInstanceCount).withKeyName("HW2").withSecurityGroups("JavaSecurityGroup"); RunInstancesResult result = ec2.runInstances(rir); /********************************************* * Added by Chenyun Zhang * # Get the public Ip address * *********************************************/ //get instanceId from the result List<Instance> resultInstance = result.getReservation().getInstances(); String createdInstanceId = null; for (Instance ins : resultInstance) { createdInstanceId = ins.getInstanceId(); System.out.println("New instance has been created: " + ins.getInstanceId()); //DescribeInstancesRequest and get ip String createdInstanceIp = null; while (createdInstanceIp == null) { System.out.println("Please waiting for 10 seconds!"); Thread.sleep(10000); DescribeInstancesRequest newdescribeInstances = new DescribeInstancesRequest(); DescribeInstancesResult newdescribeInstancesRequest = ec2 .describeInstances(newdescribeInstances); List<Reservation> newreservations = newdescribeInstancesRequest.getReservations(); Set<Instance> allinstances = new HashSet<Instance>(); for (Reservation reservation : newreservations) { allinstances.addAll(reservation.getInstances()); } for (Instance myinst : allinstances) { String instanceId = myinst.getInstanceId(); if (instanceId.equals(createdInstanceId)) { createdInstanceIp = myinst.getPublicIpAddress(); } } } System.out.println("Already get the Ip!"); System.out.println("New instance's ip address is:" + createdInstanceIp); IP = createdInstanceIp; } /********************************************* * * #7 Create a 'tag' for the new instance. * *********************************************/ System.out.println("#6 Create a 'tag' for the new instance."); List<String> resources = new LinkedList<String>(); List<Tag> tags = new LinkedList<Tag>(); Tag nameTag = new Tag("Name", "MyFirstInstance"); resources.add(createdInstanceId); tags.add(nameTag); CreateTagsRequest ctr = new CreateTagsRequest(resources, tags); ec2.createTags(ctr); /********************************************* * Added By Chenyun Zhang * # SSH connect into EC2 * *********************************************/ Thread.sleep(100000); ssh con = new ssh(); con.sshcon(IP); /********************************************* * * #8 Stop/Start an Instance * *********************************************/ System.out.println("#7 Stop the Instance"); List<String> instanceIds = new LinkedList<String>(); instanceIds.add(createdInstanceId); //stop StopInstancesRequest stopIR = new StopInstancesRequest(instanceIds); //ec2.stopInstances(stopIR); //start StartInstancesRequest startIR = new StartInstancesRequest(instanceIds); //ec2.startInstances(startIR); /********************************************* * * #9 Terminate an Instance * *********************************************/ System.out.println("#8 Terminate the Instance"); TerminateInstancesRequest tir = new TerminateInstancesRequest(instanceIds); //ec2.terminateInstances(tir); /********************************************* * * #10 shutdown client object * *********************************************/ ec2.shutdown(); } catch (AmazonServiceException ase) { System.out.println("Caught Exception: " + ase.getMessage()); System.out.println("Reponse Status Code: " + ase.getStatusCode()); System.out.println("Error Code: " + ase.getErrorCode()); System.out.println("Request ID: " + ase.getRequestId()); } }
From source file:EC2InstanceLaunch.java
License:Open Source License
private static void addInboundRule(String groupName, String ipRanges, String protocols, int fromPort, int toPort) { IpPermission ipPermission = new IpPermission(); ipPermission.withIpRanges(ipRanges).withIpProtocol(protocols).withFromPort(fromPort).withToPort(toPort); AuthorizeSecurityGroupIngressRequest authorizeSecurityGroupIngressRequest = new AuthorizeSecurityGroupIngressRequest(); authorizeSecurityGroupIngressRequest.withGroupName(groupName).withIpPermissions(ipPermission); ec2.authorizeSecurityGroupIngress(authorizeSecurityGroupIngressRequest); }
From source file:com.kpbird.aws.Main.java
private void createEC2SecurityGroup() { try {//w w w .j a v a2 s . c o m log.Info("Create Security Group Request"); CreateSecurityGroupRequest createSecurityGroupRequest = new CreateSecurityGroupRequest(); createSecurityGroupRequest.withGroupName(groupName).withDescription(groupDescription); createSecurityGroupRequest.setRequestCredentials(credentials); CreateSecurityGroupResult csgr = ec2client.createSecurityGroup(createSecurityGroupRequest); String groupid = csgr.getGroupId(); log.Info("Security Group Id : " + groupid); log.Info("Create Security Group Permission"); Collection<IpPermission> ips = new ArrayList<IpPermission>(); // Permission for SSH only to your ip IpPermission ipssh = new IpPermission(); ipssh.withIpRanges(sshIpRange).withIpProtocol(sshprotocol).withFromPort(sshFromPort) .withToPort(sshToPort); ips.add(ipssh); // Permission for HTTP, any one can access IpPermission iphttp = new IpPermission(); iphttp.withIpRanges(httpIpRange).withIpProtocol(httpProtocol).withFromPort(httpFromPort) .withToPort(httpToPort); ips.add(iphttp); //Permission for HTTPS, any one can accesss IpPermission iphttps = new IpPermission(); iphttps.withIpRanges(httpsIpRange).withIpProtocol(httpsProtocol).withFromPort(httpsFromPort) .withToPort(httpsToProtocol); ips.add(iphttps); log.Info("Attach Owner to security group"); // Register this security group with owner AuthorizeSecurityGroupIngressRequest authorizeSecurityGroupIngressRequest = new AuthorizeSecurityGroupIngressRequest(); authorizeSecurityGroupIngressRequest.withGroupName(groupName).withIpPermissions(ips); ec2client.authorizeSecurityGroupIngress(authorizeSecurityGroupIngressRequest); } catch (Exception e) { e.printStackTrace(); System.exit(0); } }
From source file:net.firejack.aws.web.controller.AWSController.java
License:Apache License
private CreateSecurityGroupResult createSecurityGroupWithRules() { if (amazonEC2 == null) { throw new AmazonServiceException("Amazon service can't initialize"); }//from ww w.java 2 s.co m CreateSecurityGroupRequest createSecurityGroupRequest = new CreateSecurityGroupRequest(); String name = securityGroupName + "-" + genRandomString(); createSecurityGroupRequest.withGroupName(name).withDescription("Security Group for Platform running"); CreateSecurityGroupResult securityGroupResult = amazonEC2.createSecurityGroup(createSecurityGroupRequest); IpPermission sshPermission = new IpPermission(); sshPermission.withIpRanges("0.0.0.0/0").withIpProtocol("tcp").withFromPort(22).withToPort(22); IpPermission httpPermission = new IpPermission(); httpPermission.withIpRanges("0.0.0.0/0").withIpProtocol("tcp").withFromPort(8080).withToPort(8080); AuthorizeSecurityGroupIngressRequest authorizeSecurityGroupIngressRequest = new AuthorizeSecurityGroupIngressRequest(); authorizeSecurityGroupIngressRequest.withGroupName(name).withIpPermissions(sshPermission, httpPermission); amazonEC2.authorizeSecurityGroupIngress(authorizeSecurityGroupIngressRequest); return securityGroupResult; }
From source file:org.apache.airavata.core.gfac.provider.impl.EC2Provider.java
License:Apache License
public EC2Provider(InvocationContext invocationContext) throws ProviderException { ExecutionContext execContext = invocationContext.getExecutionContext(); OMElement omSecurityContextHeader = execContext.getSecurityContextHeader(); ContextHeaderDocument document = null; try {// w w w .j av a 2 s .c o m document = ContextHeaderDocument.Factory.parse(omSecurityContextHeader.toStringWithConsume()); } catch (XMLStreamException e) { e.printStackTrace(); } catch (XmlException e) { e.printStackTrace(); } SecurityContextDocument.SecurityContext.AmazonWebservices amazonWebservices = document.getContextHeader() .getSecurityContext().getAmazonWebservices(); String access_key = amazonWebservices.getAccessKeyId(); String secret_key = amazonWebservices.getSecretAccessKey(); String ami_id = amazonWebservices.getAmiId(); String ins_id = amazonWebservices.getInstanceId(); String ins_type = amazonWebservices.getInstanceType(); this.username = amazonWebservices.getUsername(); log.info("ACCESS_KEY:" + access_key); log.info("SECRET_KEY:" + secret_key); log.info("AMI_ID:" + ami_id); log.info("INS_ID:" + ins_id); log.info("INS_TYPE:" + ins_type); log.info("USERNAME:" + username); /* * Validation */ if (access_key == null || access_key.isEmpty()) throw new ProviderException("Access Key is empty"); if (secret_key == null || secret_key.isEmpty()) throw new ProviderException("Secret Key is empty"); if ((ami_id == null && ins_id == null) || (ami_id != null && ami_id.isEmpty()) || (ins_id != null && ins_id.isEmpty())) throw new ProviderException("AMI or Instance ID is empty"); if (this.username == null || this.username.isEmpty()) throw new ProviderException("Username is empty"); /* * Need to start EC2 instance before running it */ AWSCredentials credential = new BasicAWSCredentials(access_key, secret_key); AmazonEC2Client ec2client = new AmazonEC2Client(credential); try { /* * Build key pair before start instance */ buildKeyPair(ec2client); // right now, we can run it on one host if (ami_id != null) this.instance = startInstances(ec2client, ami_id, ins_type, execContext).get(0); else { // already running instance DescribeInstancesRequest describeInstancesRequest = new DescribeInstancesRequest(); DescribeInstancesResult describeInstancesResult = ec2client .describeInstances(describeInstancesRequest.withInstanceIds(ins_id)); if (describeInstancesResult.getReservations().size() == 0 || describeInstancesResult.getReservations().get(0).getInstances().size() == 0) { throw new GfacException("Instance not found:" + ins_id); } this.instance = describeInstancesResult.getReservations().get(0).getInstances().get(0); // check instance keypair if (this.instance.getKeyName() == null || !this.instance.getKeyName().equals(KEY_PAIR_NAME)) throw new GfacException("Keypair for instance:" + ins_id + " is not valid"); } //TODO send out instance id //execContext.getNotificationService().sendResourceMappingNotifications(this.instance.getPublicDnsName(), "EC2 Instance " + this.instance.getInstanceId() + " is running with public name " + this.instance.getPublicDnsName(), this.instance.getInstanceId()); /* * Make sure port 22 is connectable */ for (GroupIdentifier g : this.instance.getSecurityGroups()) { IpPermission ip = new IpPermission(); ip.setIpProtocol("tcp"); ip.setFromPort(22); ip.setToPort(22); AuthorizeSecurityGroupIngressRequest r = new AuthorizeSecurityGroupIngressRequest(); r = r.withIpPermissions(ip.withIpRanges("0.0.0.0/0")); r.setGroupId(g.getGroupId()); try { ec2client.authorizeSecurityGroupIngress(r); } catch (AmazonServiceException as) { /* * If exception is from duplicate room, ignore it. */ if (!as.getErrorCode().equals("InvalidPermission.Duplicate")) throw as; } } } catch (Exception e) { throw new ProviderException("Invalied Request", e); } SSHSecurityContextImpl sshContext = ((SSHSecurityContextImpl) invocationContext .getSecurityContext(SSH_SECURITY_CONTEXT)); if (sshContext == null) { sshContext = new SSHSecurityContextImpl(); } sshContext.setUsername(username); sshContext.setKeyPass(""); sshContext.setPrivateKeyLoc(privateKeyFilePath); invocationContext.addSecurityContext(SSH_SECURITY_CONTEXT, sshContext); //set to super class /*setUsername(username); setPassword(""); setKnownHostsFileName(null); setKeyFileName(privateKeyFilePath);*/ // we need to erase gridftp URL since we will forcefully use SFTP // TODO /*execContext.setHost(this.instance.getPublicDnsName()); execContext.getHostDesc().getHostConfiguration().setGridFTPArray(null); execContext.setFileTransferService(new SshFileTransferService(execContext, this.username, privateKeyFilePath));*/ }
From source file:org.apache.airavata.gfac.ec2.EC2Provider.java
License:Apache License
/** * Checks whether the port 22 of the Amazon instance is accessible. * * @param instance Amazon instance id.//from ww w . j av a 2s. c om * @param ec2client AmazonEC2Client object */ private void checkConnection(Instance instance, AmazonEC2Client ec2client) { /* Make sure port 22 is connectible */ for (GroupIdentifier g : instance.getSecurityGroups()) { IpPermission ip = new IpPermission(); ip.setIpProtocol("tcp"); ip.setFromPort(SSH_PORT); ip.setToPort(SSH_PORT); AuthorizeSecurityGroupIngressRequest r = new AuthorizeSecurityGroupIngressRequest(); r = r.withIpPermissions(ip.withIpRanges("0.0.0.0/0")); r.setGroupId(g.getGroupId()); try { ec2client.authorizeSecurityGroupIngress(r); } catch (AmazonServiceException as) { /* If exception is from duplicate room, ignore it. */ if (!as.getErrorCode().equals("InvalidPermission.Duplicate")) throw as; } } }
From source file:org.apache.usergrid.chop.api.store.amazon.AmazonIpRuleManager.java
License:Apache License
@Override public void addRules(final String name, final Collection<String> ipRanges, final String protocol, final int fromPort, final int toPort) { IpPermission ipPermission = new IpPermission(); ipPermission.withIpRanges(ipRanges).withIpProtocol(protocol).withFromPort(fromPort).withToPort(toPort); try {/* ww w. j av a2s . com*/ AuthorizeSecurityGroupIngressRequest request = new AuthorizeSecurityGroupIngressRequest(); request = request.withGroupName(name).withIpPermissions(ipPermission); client.authorizeSecurityGroupIngress(request); } catch (Exception e) { LOG.error("Error whilt adding rule to security group: {}", name, e); } }