List of usage examples for com.amazonaws.services.ec2.model SecurityGroup getGroupName
public String getGroupName()
The name of the security group.
From source file:Security.java
License:Open Source License
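/**
 * Creates an EC2 security group whose name is derived from {@code Virtualize.no_of_days},
 * authorizes inbound TCP 80, 443 and 22 on it, and prints the permissions EC2 reports back.
 *
 * <p>NOTE(review): every rule is opened to {@code 0.0.0.0/0}. That is the usual posture for
 * public HTTP/HTTPS, but it also leaves SSH (22) reachable from any address. Before reusing
 * this example, narrow the SSH rule to a known administrative CIDR or a bastion security group.
 *
 * @param ec2 client used for every EC2 call in this method
 * @return the group name stored in the {@code securitygroup} field
 * @throws IOException declared by the signature; no statement visible here throws it
 */
String createSG(AmazonEC2 ec2) throws IOException {
    try {
        securitygroup = "VirualIT_Security_Group" + Virtualize.no_of_days;
        CreateSecurityGroupRequest createRequest = new CreateSecurityGroupRequest()
                .withGroupName(securitygroup)
                .withDescription("ssh-tcp-https-http");
        // The result object was never read, so it is no longer kept in a local.
        ec2.createSecurityGroup(createRequest);

        // One shared source range for all three rules: the whole IPv4 internet.
        List<String> ipRanges = new ArrayList<String>();
        ipRanges.add("0.0.0.0/0");

        // Same rule order as before: http, https, ssh. Autoboxing replaces the
        // deprecated new Integer(int) constructor.
        int[] ports = {80, 443, 22};
        List<IpPermission> ipPermissions = new ArrayList<IpPermission>();
        for (int port : ports) {
            IpPermission permission = new IpPermission();
            permission.setIpProtocol("tcp");
            permission.setFromPort(port);
            permission.setToPort(port);
            permission.setIpRanges(ipRanges);
            ipPermissions.add(permission);
        }

        try {
            // Authorize the ports to be used.
            AuthorizeSecurityGroupIngressRequest ingressRequest =
                    new AuthorizeSecurityGroupIngressRequest(securitygroup, ipPermissions);
            ec2.authorizeSecurityGroupIngress(ingressRequest);
            System.out.println("Assigned " + ingressRequest);
        } catch (AmazonServiceException ase) {
            // Best effort: the original author expected "already authorized" here.
            // NOTE(review): any other service error (e.g. an authorization failure) lands
            // here too and is only printed, so the group may end up without these rules.
            System.err.println(ase.getMessage());
        }

        // Read the group back and print what EC2 actually stored.
        DescribeSecurityGroupsRequest describeRequest =
                new DescribeSecurityGroupsRequest().withGroupNames(securitygroup);
        DescribeSecurityGroupsResult described = ec2.describeSecurityGroups(describeRequest);
        for (SecurityGroup group : described.getSecurityGroups()) {
            if (group.getGroupName().equals(securitygroup)) {
                System.out.println(group.getIpPermissions());
            }
        }
    } catch (AmazonServiceException ase) {
        // Failures are reported on stdout only; the method still returns the group name.
        System.out.println("Caught Exception: " + ase.getMessage());
        System.out.println("Reponse Status Code: " + ase.getStatusCode());
        System.out.println("Error Code: " + ase.getErrorCode());
        System.out.println("Request ID: " + ase.getRequestId());
    }
    return securitygroup;
}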
From source file:br.com.ingenieux.mojo.beanstalk.AbstractBeanstalkMojo.java
License:Apache License
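/**
 * Boolean predicate for harmful/placebo options.
 *
 * <p>I really mean harmful - if you mention the settings of a terminated environment, Elastic
 * Beanstalk will accept them, but this might lead to inconsistent states, especially when
 * creating / listing environments.
 *
 * <p>Trust me on this one.
 *
 * <p>For the {@code SecurityGroups} launch-configuration option the value is validated as a
 * security group id and then looked up in EC2; the setting counts as harmful when every group
 * returned carries {@code environmentId} in its name.
 *
 * @param environmentId environment id to lookup
 * @param optionSetting option setting
 * @return true if this is not needed
 * @throws Exception propagated from the client factory or the EC2 lookup
 */
protected boolean harmfulOptionSettingP(final String environmentId,
        ConfigurationOptionSetting optionSetting) throws Exception {
    // e.g. aws:autoscaling:launchconfiguration:SecurityGroups['sg-18585f7d']
    if (ConfigUtil.optionSettingMatchesP(optionSetting, "aws:autoscaling:launchconfiguration",
            "SecurityGroups")) {
        final String securityGroup = optionSetting.getValue();

        if (securityGroup.indexOf(environmentId) != -1) {
            return true;
        }

        if (getLog().isInfoEnabled()) {
            getLog().info("Probing security group '" + securityGroup + "'");
        }

        // The value is passed to DescribeSecurityGroups as a group id, so reject anything
        // that is not id-shaped. EC2 issues both the short (8 hex digit) and the longer
        // (17 hex digit) id formats; the previous pattern accepted only the short one and
        // failed validation for groups with the longer ids.
        Validate.isTrue(securityGroup.matches("^sg-(\\p{XDigit}{8}|\\p{XDigit}{17})$"),
                "Invalid Security Group Spec: " + securityGroup);

        final AmazonEC2 ec2 = this.getClientFactory().getService(AmazonEC2Client.class);
        final DescribeSecurityGroupsResult described = ec2.describeSecurityGroups(
                new DescribeSecurityGroupsRequest().withGroupIds(securityGroup));

        if (!described.getSecurityGroups().isEmpty()) {
            // Harmful only when no returned group has a name that lacks the environment id.
            for (SecurityGroup group : described.getSecurityGroups()) {
                if (group.getGroupName().indexOf(environmentId) == -1) {
                    return false;
                }
            }
            return true;
        }
    }

    boolean bInvalid = isBlank(optionSetting.getValue());

    if (!bInvalid) {
        bInvalid = optionSetting.getNamespace().equals("aws:cloudformation:template:parameter")
                && optionSetting.getOptionName().equals("AppSource");
    }

    if (!bInvalid) {
        bInvalid = optionSetting.getNamespace().equals("aws:elasticbeanstalk:sns:topics")
                && optionSetting.getOptionName().equals("Notification Topic ARN");
    }

    /*
     * TODO: Apply a more general regex instead
     */
    if (!bInvalid && isNotBlank(environmentId)) {
        bInvalid = optionSetting.getValue().contains(environmentId);
    }

    return bInvalid;
}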
From source file:com.brighttag.agathon.security.ec2.Ec2SecurityGroupService.java
License:Apache License
/**
 * Builds a predicate that accepts a security group whose name equals {@code groupName}.
 *
 * <p>The comparison is an exact {@link String#equals} on the value returned by
 * {@code getGroupName()}, so it is case-sensitive and throws a
 * {@link NullPointerException} for a group whose name is {@code null}.
 *
 * @param groupName name to match against
 * @return predicate that is true only for groups with exactly that name
 */
private static Predicate<SecurityGroup> withGroupName(final String groupName) {
    final Predicate<SecurityGroup> nameMatches = new Predicate<SecurityGroup>() {
        @Override
        public boolean apply(SecurityGroup candidate) {
            final String candidateName = candidate.getGroupName();
            return candidateName.equals(groupName);
        }
    };
    return nameMatches;
}
From source file:com.eucalyptus.tests.awssdk.CloudCleaner.java
License:Open Source License
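/**
 * Removes the resources visible to the configured test credentials: instances, key pairs,
 * non-default security groups, scaling policies, launch configurations, auto scaling
 * groups, volumes and snapshots, in that order.
 *
 * <p>Destructive by design: nothing is filtered by tag, owner or name (apart from the
 * {@code default} security group), so every resource the describe calls return is deleted.
 * Run it only with credentials scoped to a disposable test account.
 *
 * @throws Exception propagated from any of the describe/delete helpers
 */
@Test
public void clean() throws Exception {
    testInfo(this.getClass().getSimpleName());
    getCloudInfo();

    // Terminate all instances
    List<String> instancesToTerminate = new ArrayList<String>();
    List<Reservation> reservations = ec2.describeInstances().getReservations();
    if (!reservations.isEmpty()) {
        print("Found instances to terminate");
        for (Reservation reservation : reservations) {
            for (Instance instance : reservation.getInstances()) {
                print("Terminating: " + instance.getInstanceId());
                instancesToTerminate.add(instance.getInstanceId());
            }
        }
        // A reservation can be returned without instances; skip the call rather than
        // send a terminate request with an empty id list.
        if (!instancesToTerminate.isEmpty()) {
            TerminateInstancesRequest term = new TerminateInstancesRequest();
            term.setInstanceIds(instancesToTerminate);
            ec2.terminateInstances(term);
        }
    } else {
        print("No instances found");
    }

    // delete all keypairs
    if (getKeyPairCount() > 0) {
        print("Found Keypairs to delete");
        for (KeyPairInfo keypair : ec2.describeKeyPairs().getKeyPairs()) {
            deleteKeyPair(keypair.getKeyName());
        }
    } else {
        print("No keypairs found");
    }

    // delete all groups except default group
    List<SecurityGroup> groups = describeSecurityGroups();
    if (groups.size() > 1) {
        print("Found security groups to delete");
        for (SecurityGroup group : groups) {
            if (!group.getGroupName().equals("default")) {
                deleteSecurityGroup(group.getGroupName());
            }
        }
    } else {
        print("No Security Groups found (other than default)");
    }

    // delete all policies
    List<ScalingPolicy> policies = describePolicies();
    if (!policies.isEmpty()) {
        print("Found Policies to delete");
        for (ScalingPolicy policy : policies) {
            deletePolicy(policy.getPolicyName());
        }
    } else {
        print("No auto scaling policies found");
    }

    // delete launch configs
    List<LaunchConfiguration> lcs = describeLaunchConfigs();
    if (!lcs.isEmpty()) {
        print("Found Launch Configs to delete");
        for (LaunchConfiguration lc : lcs) {
            deleteLaunchConfig(lc.getLaunchConfigurationName());
        }
    } else {
        print("No launch configs found");
    }

    // delete autoscaling groups
    List<AutoScalingGroup> asGroups = describeAutoScalingGroups();
    if (!asGroups.isEmpty()) {
        print("Found Auto Scaling Groups to delete");
        for (AutoScalingGroup asg : asGroups) {
            deleteAutoScalingGroup(asg.getAutoScalingGroupName(), true);
        }
    } else {
        print("No auto scaling groups found");
    }

    // delete volumes
    List<Volume> volumes = ec2.describeVolumes().getVolumes();
    if (!volumes.isEmpty()) {
        print("Found volumes to delete");
        for (Volume vol : volumes) {
            deleteVolume(vol.getVolumeId());
        }
    } else {
        print("No volumes found");
    }

    // delete snapshots
    List<Snapshot> snapshots = ec2.describeSnapshots().getSnapshots();
    if (!snapshots.isEmpty()) {
        print("Found snapshots to delete");
        for (Snapshot snap : snapshots) {
            deleteSnapshot(snap.getSnapshotId());
        }
    } else {
        // Previously printed "No volumes found", copied from the volume branch above.
        print("No snapshots found");
    }
}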
From source file:com.github.trask.sandbox.ec2.Ec2Service.java
License:Apache License
/**
 * Brings the inbound rules of {@code securityGroup} in line with {@code ipPermissions}:
 * rules present on the group but not in the desired list are revoked, and rules in the
 * desired list but not on the group are authorized.
 *
 * <p>The two changes are separate EC2 calls, so between them the group briefly carries
 * neither the revoked nor the newly authorized rules. If the authorize call fails, the
 * revocation has already been applied.
 *
 * <p>NOTE(review): both requests address the group by name; confirm callers never pass a
 * group that EC2 only accepts by id.
 *
 * @param securityGroup group as currently described by EC2
 * @param ipPermissions the complete set of inbound rules the group should end up with
 */
public void syncInboundRules(SecurityGroup securityGroup, List<IpPermission> ipPermissions) {
    // current minus desired
    List<WrappedIpPermission> toRevoke = wrap(securityGroup.getIpPermissions());
    toRevoke.removeAll(wrap(ipPermissions));

    // desired minus current
    List<WrappedIpPermission> toAuthorize = wrap(ipPermissions);
    toAuthorize.removeAll(wrap(securityGroup.getIpPermissions()));

    // revoke must be done first in case one of multiple UserIdGroupPairs for
    // a single IpPermission is being revoked
    if (!toRevoke.isEmpty()) {
        List<IpPermission> revoked = new ArrayList<IpPermission>(unwrap(toRevoke));
        ec2.revokeSecurityGroupIngress(
                new RevokeSecurityGroupIngressRequest(securityGroup.getGroupName(), revoked));
    }

    if (!toAuthorize.isEmpty()) {
        List<IpPermission> authorized = new ArrayList<IpPermission>(unwrap(toAuthorize));
        ec2.authorizeSecurityGroupIngress(
                new AuthorizeSecurityGroupIngressRequest(securityGroup.getGroupName(), authorized));
    }
}
From source file:com.jaspersoft.jasperserver.api.engine.jasperreports.util.AwsDataSourceRecovery.java
License:Open Source License
/**
 * Finds or creates the configured security group in {@code vpcId} and makes sure it admits
 * {@code ingressPublicIp}.
 *
 * <p>What the code does, in order:
 * <ul>
 *   <li>lists all security groups and picks the first one in {@code vpcId} whose name equals
 *       {@code awsProperties.getSecurityGroupName()};</li>
 *   <li>if that group exists and none of its rules lists {@code ingressPublicIp}, revokes
 *       <em>all</em> of its existing inbound rules;</li>
 *   <li>if no group was found, creates one;</li>
 *   <li>unless the address was already present, authorizes TCP ports 0-65535 from
 *       {@code ingressPublicIp}.</li>
 * </ul>
 *
 * <p>NOTE(review): any exception from the describe call is discarded, so a failed lookup
 * (for example missing permissions or a network error) is indistinguishable from "group
 * does not exist" and the method goes on to call {@code createSecurityGroup}.
 *
 * <p>NOTE(review): the granted rule spans every TCP port; if only the database port is
 * needed, a narrower range would reduce exposure. Confirm against the data source's needs.
 *
 * @param awsReportDataSource supplies the access key, secret key and role ARN for the client
 * @param vpcId VPC the group must belong to
 * @param ingressPublicIp source range to admit; presumably in CIDR form, verify against caller
 * @return id of the group that was found or created
 */
private String recoverVpcSecurityGroup(AwsReportDataSource awsReportDataSource, String vpcId,
        String ingressPublicIp) {
    AWSCredentials awsCredentials = AwsCredentialUtil.getAWSCredentials(
            awsReportDataSource.getAWSAccessKey(),
            awsReportDataSource.getAWSSecretKey(),
            awsReportDataSource.getRoleARN());

    // Security
    AmazonEC2Client amazonEc2Client = new AmazonEC2Client(awsCredentials);

    SecurityGroup vpcSecurityGroup = null;
    try {
        DescribeSecurityGroupsResult described = amazonEc2Client.describeSecurityGroups();
        if (described != null
                && described.getSecurityGroups() != null
                && !described.getSecurityGroups().isEmpty()) {
            for (SecurityGroup candidate : described.getSecurityGroups()) {
                boolean sameVpc = candidate.getVpcId() != null && candidate.getVpcId().equals(vpcId);
                if (sameVpc && candidate.getGroupName().equals(awsProperties.getSecurityGroupName())) {
                    vpcSecurityGroup = candidate;
                    break;
                }
            }
        }
    } catch (Exception ex) {
        // Intentionally left empty by the original author ("Have to be empty").
    }

    boolean ingressIpMaskExist = false;
    String vpcSecurityGroupId;

    if (vpcSecurityGroup == null) {
        // Nothing matched (or the lookup failed): create the group.
        CreateSecurityGroupRequest createRequest = new CreateSecurityGroupRequest()
                .withGroupName(awsProperties.getSecurityGroupName())
                .withVpcId(vpcId)
                .withDescription(awsProperties.getSecurityGroupDescription());
        vpcSecurityGroupId = amazonEc2Client.createSecurityGroup(createRequest).getGroupId();
    } else {
        vpcSecurityGroupId = vpcSecurityGroup.getGroupId();

        List<IpPermission> existingRules = vpcSecurityGroup.getIpPermissions();
        boolean hasRules = existingRules != null && !existingRules.isEmpty();

        if (hasRules) {
            for (IpPermission rule : existingRules) {
                if (rule.getIpRanges() != null
                        && !rule.getIpRanges().isEmpty()
                        && rule.getIpRanges().contains(ingressPublicIp)) {
                    ingressIpMaskExist = true;
                }
            }
        }

        if (!ingressIpMaskExist && hasRules) {
            // Address not present: drop every existing inbound rule before re-granting.
            RevokeSecurityGroupIngressRequest revokeRequest = new RevokeSecurityGroupIngressRequest()
                    .withGroupId(vpcSecurityGroup.getGroupId())
                    .withIpPermissions()
                    .withIpPermissions(vpcSecurityGroup.getIpPermissions());
            amazonEc2Client.revokeSecurityGroupIngress(revokeRequest);
        }
    }

    if (!ingressIpMaskExist) {
        List<IpPermission> grants = new ArrayList<IpPermission>();
        grants.add(new IpPermission()
                .withIpProtocol("tcp")
                .withIpRanges(ingressPublicIp)
                .withFromPort(0)
                .withToPort(65535));

        AuthorizeSecurityGroupIngressRequest authorizeRequest = new AuthorizeSecurityGroupIngressRequest()
                .withIpPermissions(grants)
                .withGroupId(vpcSecurityGroupId);
        amazonEc2Client.authorizeSecurityGroupIngress(authorizeRequest);
    }

    return vpcSecurityGroupId;
}
From source file:com.lunabeat.dooper.ClusterList.java
License:Apache License
/**
 * Groups running cluster instances by cluster name and then by security group name.
 *
 * <p>Clusters are discovered through security groups whose name ends in
 * {@code HadoopCluster.MASTER_SUFFIX}; for each such group both the master group name and
 * the name with the suffix removed are registered. Instances are then fetched with a filter
 * on those group names and filed under the <em>first</em> group name of their reservation
 * ({@code getGroupNames().get(0)}, which throws if a reservation has no group names).
 *
 * @param config passed to the {@code AmazonEC2Client} constructor
 * @return cluster name to (group name to instances), or {@code null} when either describe
 *         call returns {@code null}
 */
public static Map<String, Map<String, List<Instance>>> getClusterMap(ClusterConfig config) {
    HashMap<String, Map<String, List<Instance>>> clusterMap =
            new HashMap<String, Map<String, List<Instance>>>();
    AmazonEC2Client ec2 = new AmazonEC2Client(config);

    Filter masterGroupFilter = new Filter()
            .withName(HadoopCluster.GROUP_NAME_KEY)
            .withValues("*" + HadoopCluster.MASTER_SUFFIX);
    DescribeSecurityGroupsResult groupsResult =
            ec2.describeSecurityGroups(new DescribeSecurityGroupsRequest().withFilters(masterGroupFilter));
    if (groupsResult == null) {
        return null;
    }

    // Master group name followed by the matching name without the suffix.
    ArrayList<String> groupNames = new ArrayList<String>();
    for (SecurityGroup sg : groupsResult.getSecurityGroups()) {
        String masterGroupName = sg.getGroupName();
        groupNames.add(masterGroupName);
        groupNames.add(masterGroupName.replace(HadoopCluster.MASTER_SUFFIX, ""));
    }

    // Pre-create an empty bucket for every known group so empty clusters still appear.
    for (String group : groupNames) {
        String clusterName = group.replace(HadoopCluster.MASTER_SUFFIX, "");
        Map<String, List<Instance>> byGroup = clusterMap.get(clusterName);
        if (byGroup == null) {
            byGroup = new HashMap<String, List<Instance>>();
            clusterMap.put(clusterName, byGroup);
        }
        if (byGroup.get(group) == null) {
            byGroup.put(group, new ArrayList<Instance>());
        }
    }

    Filter instanceFilter = new Filter()
            .withName(HadoopCluster.GROUP_NAME_KEY)
            .withValues(groupNames);
    DescribeInstancesResult instanceResult =
            ec2.describeInstances(new DescribeInstancesRequest().withFilters(instanceFilter));
    if (instanceResult == null) {
        return null;
    }

    for (Reservation reservation : instanceResult.getReservations()) {
        String group = reservation.getGroupNames().get(0);
        String clusterName = group.replace(HadoopCluster.MASTER_SUFFIX, "");

        Map<String, List<Instance>> byGroup = clusterMap.get(clusterName);
        if (byGroup == null) {
            byGroup = new HashMap<String, List<Instance>>();
            clusterMap.put(clusterName, byGroup);
        }
        List<Instance> bucket = byGroup.get(group);
        if (bucket == null) {
            bucket = new ArrayList<Instance>();
            byGroup.put(group, bucket);
        }
        bucket.addAll(reservation.getInstances());
    }

    return clusterMap;
}
From source file:com.netflix.edda.EddaEc2Client.java
License:Apache License
/**
 * Answers a {@code DescribeSecurityGroups} request from the configured Edda endpoint.
 *
 * <p>The full security group list is fetched with a single GET and parsed; group-name and
 * group-id constraints from the request are then applied locally. Requests carrying filters
 * are passed to {@code validateEmpty("Filter", ...)} before any fetch is made.
 *
 * @param request describe request; only group names and group ids are honoured
 * @return result holding every fetched group, or only those matching both the requested
 *         names and ids when either constraint is set
 * @throws AmazonClientException wrapping an {@link IOException} from the fetch or parse
 */
public DescribeSecurityGroupsResult describeSecurityGroups(DescribeSecurityGroupsRequest request) {
    validateEmpty("Filter", request.getFilters());

    final TypeReference<List<SecurityGroup>> listType = new TypeReference<List<SecurityGroup>>() {
    };
    final String url = config.url() + "/api/v2/aws/securityGroups;_expand";

    try {
        final List<SecurityGroup> fetched = parse(listType, doGet(url));
        final List<String> names = request.getGroupNames();
        final List<String> ids = request.getGroupIds();

        // No name or id constraint: hand back everything that was fetched.
        if (!shouldFilter(names) && !shouldFilter(ids)) {
            return new DescribeSecurityGroupsResult().withSecurityGroups(fetched);
        }

        final List<SecurityGroup> selected = new ArrayList<SecurityGroup>();
        for (SecurityGroup group : fetched) {
            if (!matches(names, group.getGroupName())) {
                continue;
            }
            if (matches(ids, group.getGroupId())) {
                selected.add(group);
            }
        }
        return new DescribeSecurityGroupsResult().withSecurityGroups(selected);
    } catch (IOException e) {
        throw new AmazonClientException("Faled to parse " + url, e);
    }
}
From source file:com.netflix.spinnaker.clouddriver.aws.deploy.handlers.MigrateLoadBalancerStrategy.java
License:Apache License
/**
 * Generates a list of security groups that should be applied to the target load balancer.
 *
 * <p>Group ids on the source load balancer that cannot be resolved in the source location
 * are not migrated; a warning naming each one is added to {@code result} instead. Every
 * resolvable group is run through a {@code SecurityGroupMigrator} with the current
 * {@code dryRun} setting.
 *
 * @param sourceDescription AWS descriptor of source load balancer
 * @param result            result object of the calling migrate operation
 * @return the list of security groups that will be created or added, excluding the elb-specific security group
 */
protected List<MigrateSecurityGroupResult> getTargetSecurityGroups(LoadBalancerDescription sourceDescription,
        MigrateLoadBalancerResult result) {
    // Pass 1: report ids that do not resolve in the source account/VPC.
    for (String groupId : sourceDescription.getSecurityGroups()) {
        if (!sourceLookup.getSecurityGroupById(source.getCredentialAccount(), groupId, source.getVpcId())
                .isPresent()) {
            result.getWarnings().add(
                    "Skipping creation of security group: " + groupId + " (could not be found in source location)");
        }
    }

    // Pass 2: resolve the ids that do exist into their SecurityGroup objects.
    List<SecurityGroup> currentGroups = new java.util.ArrayList<>();
    for (String groupId : sourceDescription.getSecurityGroups()) {
        if (sourceLookup.getSecurityGroupById(source.getCredentialAccount(), groupId, source.getVpcId())
                .isPresent()) {
            currentGroups.add(
                    sourceLookup.getSecurityGroupById(source.getCredentialAccount(), groupId, source.getVpcId())
                            .get().getSecurityGroup());
        }
    }

    // Pass 3: migrate each resolved group, in the order the load balancer lists them.
    List<MigrateSecurityGroupResult> migrated = new java.util.ArrayList<>();
    for (String groupId : sourceDescription.getSecurityGroups()) {
        SecurityGroup match = null;
        for (SecurityGroup candidate : currentGroups) {
            if (candidate.getGroupId().equals(groupId)) {
                match = candidate;
                break;
            }
        }
        if (match == null) {
            continue;
        }

        SecurityGroupLocation sourceLocation = new SecurityGroupLocation();
        sourceLocation.setName(match.getGroupName());
        sourceLocation.setRegion(source.getRegion());
        sourceLocation.setCredentials(source.getCredentials());
        sourceLocation.setVpcId(source.getVpcId());

        migrated.add(new SecurityGroupMigrator(sourceLookup, targetLookup, migrateSecurityGroupStrategy,
                sourceLocation, new SecurityGroupLocation(target)).migrate(dryRun));
    }
    return migrated;
}
From source file:com.netflix.spinnaker.clouddriver.aws.deploy.handlers.MigrateSecurityGroupStrategy.java
License:Apache License
/**
 * Determines whether ingress rules should be updated when migrating the security group - for
 * example, you may not want to touch security groups that are managed by a different team, or
 * security groups in a specific service.
 *
 * <p>The decision rests on the application parsed from the group's <em>name</em>: groups
 * whose parsed app is listed in {@code getInfrastructureApplications()} are left alone.
 * NOTE(review): this makes the naming convention the only guard; confirm that group names
 * cannot be chosen so as to fall inside or outside that list unintentionally.
 *
 * @param securityGroup the security group
 * @return true if ingress rules should be updated, false otherwise
 */
protected boolean shouldCreateTargetPermissions(SecurityGroup securityGroup) {
    if (getInfrastructureApplications().contains(Names.parseName(securityGroup.getGroupName()).getApp())) {
        // Owned by an infrastructure application: do not rewrite its ingress rules.
        return false;
    }
    return true;
}