List of usage examples for com.amazonaws.services.ec2.model RevokeSecurityGroupIngressRequest RevokeSecurityGroupIngressRequest
public RevokeSecurityGroupIngressRequest(String groupName, java.util.List<IpPermission> ipPermissions)
From source file:c3.ops.priam.aws.AWSMembership.java
License:Apache License
/**
 * Revokes one TCP ingress permission from the security group named by
 * {@code config.getACLGroupName()}.
 *
 * <p>The EC2 client is obtained per call and shut down in the {@code finally}
 * block, so it is released even when the revoke call throws.
 *
 * @param listIPs IP ranges handed to {@code IpPermission.withIpRanges}
 * @param from    first port of the range being closed
 * @param to      last port of the range being closed
 */
public void removeACL(Collection<String> listIPs, int from, int to) {
    AmazonEC2 client = null;
    try {
        client = getEc2Client();

        // One permission entry: protocol + port range + source ranges.
        IpPermission tcpRule = new IpPermission()
                .withIpProtocol("tcp")
                .withFromPort(from)
                .withToPort(to)
                .withIpRanges(listIPs);
        List<IpPermission> ipPermissions = new ArrayList<IpPermission>();
        ipPermissions.add(tcpRule);

        // NOTE(review): the revoke is expected to match an existing rule by
        // protocol, ports and ranges - confirm callers pass the same values that
        // were authorized, otherwise the old rule may stay open.
        RevokeSecurityGroupIngressRequest request =
                new RevokeSecurityGroupIngressRequest(config.getACLGroupName(), ipPermissions);
        client.revokeSecurityGroupIngress(request);

        logger.info("Done removing from ACL: " + StringUtils.join(listIPs, ","));
    } finally {
        if (client != null) {
            client.shutdown();
        }
    }
}
From source file:ch.admin.isb.hermes5.tools.deploysupport.DeploySupport.java
License:Apache License
/**
 * Revokes the ingress permission returned by {@code ec2TcpPermission()} from
 * the security group {@code ec2securityGroupName}, then writes an audit entry
 * naming {@code targetPort}.
 */
public void removePortFromEC2SecurityGroup() {
    // presumably ec2TcpPermission() describes targetPort; it is not visible here
    RevokeSecurityGroupIngressRequest request =
            new RevokeSecurityGroupIngressRequest(
                    ec2securityGroupName,
                    Arrays.asList(ec2TcpPermission()));
    ec2().revokeSecurityGroupIngress(request);

    // The audit entry is written only after the revoke call has returned.
    String auditMessage = "Closed Ports: " + targetPort;
    audit(auditMessage);
}
From source file:com.brighttag.agathon.security.ec2.Ec2SecurityGroupService.java
License:Apache License
/**
 * Revokes ingress rules from a security group in one data center.
 *
 * <p>The permission is converted with {@code toIpPermissions} and sent in a
 * single revoke request through the client returned by
 * {@code client(dataCenter)}.
 *
 * @param groupName  name of the security group to revoke from
 * @param dataCenter selects which client is used for the call
 * @param permission rules to revoke, converted by {@code toIpPermissions}
 */
@Override
public void revokeIngressRules(String groupName, String dataCenter, SecurityGroupPermission permission) {
    // No result is checked and nothing is caught here; any failure surfaces to the caller.
    client(dataCenter).revokeSecurityGroupIngress(
            new RevokeSecurityGroupIngressRequest(groupName, toIpPermissions(permission)));
}
From source file:com.github.trask.sandbox.ec2.Ec2Service.java
License:Apache License
/**
 * Brings the group's inbound rules in line with {@code ipPermissions}.
 *
 * <p>Two differences are computed on wrapped permissions: rules the group has
 * that are not wanted (revoked), and wanted rules the group lacks (authorized).
 * Each EC2 call is skipped when its difference is empty.
 *
 * @param securityGroup current state of the group, including its existing rules
 * @param ipPermissions the desired set of inbound rules
 */
public void syncInboundRules(SecurityGroup securityGroup, List<IpPermission> ipPermissions) {
    // existing minus desired
    List<WrappedIpPermission> toRevoke = wrap(securityGroup.getIpPermissions());
    toRevoke.removeAll(wrap(ipPermissions));

    // desired minus existing
    List<WrappedIpPermission> toAuthorize = wrap(ipPermissions);
    toAuthorize.removeAll(wrap(securityGroup.getIpPermissions()));

    // Revoke goes first in case one of multiple UserIdGroupPairs for a single
    // IpPermission is being revoked.
    if (!toRevoke.isEmpty()) {
        ec2.revokeSecurityGroupIngress(
                new RevokeSecurityGroupIngressRequest(
                        securityGroup.getGroupName(),
                        new ArrayList<IpPermission>(unwrap(toRevoke))));
    }

    // There is no rollback: if this call throws, the revocations above have
    // already been sent and the group is left with fewer rules than desired.
    if (!toAuthorize.isEmpty()) {
        ec2.authorizeSecurityGroupIngress(
                new AuthorizeSecurityGroupIngressRequest(
                        securityGroup.getGroupName(),
                        new ArrayList<IpPermission>(unwrap(toAuthorize))));
    }
}
From source file:com.netflix.dynomitemanager.sidecore.aws.AWSMembership.java
License:Apache License
/**
 * Revokes one TCP ingress permission for the given IP ranges.
 *
 * <p>In a classic environment the group is addressed by the name from
 * {@code config.getACLGroupName()}; otherwise it is addressed by the id from
 * {@code getVpcGroupId()}. The EC2 client is shut down in the {@code finally}
 * block whether or not the revoke call succeeds.
 *
 * @param listIPs IP ranges handed to {@code IpPermission.withIpRanges}
 * @param from    first port of the range being closed
 * @param to      last port of the range being closed
 */
public void removeACL(Collection<String> listIPs, int from, int to) {
    AmazonEC2 client = null;
    try {
        client = getEc2Client();

        IpPermission tcpRule = new IpPermission()
                .withIpProtocol("tcp")
                .withFromPort(from)
                .withToPort(to)
                .withIpRanges(listIPs);
        List<IpPermission> ipPermissions = new ArrayList<IpPermission>();
        ipPermissions.add(tcpRule);

        if (!this.insEnvIdentity.isClassic()) {
            // VPC: address the group by id, fetched for the running instance.
            RevokeSecurityGroupIngressRequest vpcRequest = new RevokeSecurityGroupIngressRequest()
                    .withGroupId(getVpcGroupId())
                    .withIpPermissions(ipPermissions);
            // Removes the given ranges from the group's ingress rules.
            client.revokeSecurityGroupIngress(vpcRequest);
            logger.info("Done removing from ACL within vpc env for running instance: "
                    + StringUtils.join(listIPs, ","));
        } else {
            // Classic: address the group by name.
            RevokeSecurityGroupIngressRequest classicRequest =
                    new RevokeSecurityGroupIngressRequest(config.getACLGroupName(), ipPermissions);
            client.revokeSecurityGroupIngress(classicRequest);
            logger.info("Done removing from ACL within classic env for running instance: "
                    + StringUtils.join(listIPs, ","));
        }
    } finally {
        if (client != null) {
            client.shutdown();
        }
    }
}
From source file:com.zotoh.cloudapi.aws.SecurityGroup.java
License:Open Source License
/**
 * Revokes a single ingress rule from the named security group.
 *
 * <p>{@code group}, {@code cidr} and {@code p} are checked by the
 * {@code tst*Arg} helpers before anything is sent; the port numbers are passed
 * through to {@code toPerm} without a check in this method.
 *
 * @param group    security group name
 * @param cidr     source range of the rule
 * @param p        protocol of the rule
 * @param fromPort first port of the rule
 * @param toPort   last port of the rule
 * @throws CloudException    declared by the overridden method
 * @throws InternalException declared by the overridden method
 */
@Override
public void revoke(final String group, final String cidr, final Protocol p, final int fromPort,
        final int toPort) throws CloudException, InternalException {
    // Argument checks run before any call to EC2.
    tstEStrArg("group-name", group);
    tstEStrArg("cidr", cidr);
    tstObjArg("protocol", p);

    List<IpPermission> permissions = toObjList(toPerm(group, cidr, p, fromPort, toPort));

    _svc.getCloud()
            .getEC2()
            .revokeSecurityGroupIngress(new RevokeSecurityGroupIngressRequest(group, permissions));
}