Example 6 with CreateSecurityGroupRequest

use of com.amazonaws.services.ec2.model.CreateSecurityGroupRequest in project Synapse-Stack-Builder by Sage-Bionetworks.

the class EC2SecuritySetup method createSecurityGroup.

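/**
 * Create a security group. If the group already exists, the duplicate-group
 * error is logged and ignored; any other service error is rethrown.
 * @param request the request describing the group to create
 */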
void createSecurityGroup(CreateSecurityGroupRequest request) {
    try {
        // First create the EC2 group
        log.info("Creating Security Group: " + request.getGroupName() + "...");
        CreateSecurityGroupResult result = ec2Client.createSecurityGroup(request);
    } catch (AmazonServiceException e) {
        if (ERROR_CODE_INVALID_GROUP_DUPLICATE.equals(e.getErrorCode())) {
            // This group already exists
            log.info("Security Group: " + request.getGroupName() + " already exists");
        } else {
            throw e;
        }
    }
}
Also used : AmazonServiceException(com.amazonaws.AmazonServiceException) CreateSecurityGroupResult(com.amazonaws.services.ec2.model.CreateSecurityGroupResult)

Example 7 with CreateSecurityGroupRequest

use of com.amazonaws.services.ec2.model.CreateSecurityGroupRequest in project Synapse-Stack-Builder by Sage-Bionetworks.

the class EC2SecuritySetupTest method testSetupElasticBeanstalkEC2SecutiryGroup.

@Test
public void testSetupElasticBeanstalkEC2SecutiryGroup() {
    String expectedDescription = config.getElasticSecurityGroupDescription();
    String expectedGroupName = config.getElasticSecurityGroupName();
    DescribeSecurityGroupsResult result = new DescribeSecurityGroupsResult();
    SecurityGroup expectedGroup = new SecurityGroup().withGroupName(expectedGroupName).withOwnerId("123");
    result.withSecurityGroups(expectedGroup);
    when(mockEC2Client.describeSecurityGroups(any(DescribeSecurityGroupsRequest.class))).thenReturn(result);
    DescribeKeyPairsResult kpr = new DescribeKeyPairsResult().withKeyPairs(new KeyPairInfo().withKeyName("123"));
    when(mockEC2Client.describeKeyPairs(any(DescribeKeyPairsRequest.class))).thenReturn(kpr);
    // Create the security group.
    ec2SecuritySetup.setupResources();
    SecurityGroup group = resources.getElasticBeanstalkEC2SecurityGroup();
    assertEquals(expectedGroup, group);
    String groupName = group.getGroupName();
    assertNotNull(groupName);
    assertEquals(expectedGroupName, groupName);
    CreateSecurityGroupRequest groupRequest = new CreateSecurityGroupRequest(expectedGroupName, expectedDescription);
    // The create group should be called
    verify(mockEC2Client).createSecurityGroup(groupRequest);
    // Three permissions should be set
    // http
    List<IpPermission> list = new LinkedList<IpPermission>();
    list.add(new IpPermission().withIpProtocol(IP_PROTOCOL_TCP).withFromPort(PORT_HTTP).withToPort(PORT_HTTP).withIpRanges(CIDR_ALL_IP));
    AuthorizeSecurityGroupIngressRequest request = new AuthorizeSecurityGroupIngressRequest(groupName, list);
    verify(mockEC2Client).authorizeSecurityGroupIngress(request);
    // https
    list = new LinkedList<IpPermission>();
    list.add(new IpPermission().withIpProtocol(IP_PROTOCOL_TCP).withFromPort(PORT_HTTPS).withToPort(PORT_HTTPS).withIpRanges(CIDR_ALL_IP));
    request = new AuthorizeSecurityGroupIngressRequest(groupName, list);
    verify(mockEC2Client).authorizeSecurityGroupIngress(request);
    // ssh
    list = new LinkedList<IpPermission>();
    list.add(new IpPermission().withIpProtocol(IP_PROTOCOL_TCP).withFromPort(PORT_SSH).withToPort(PORT_SSH).withIpRanges(config.getCIDRForSSH()));
    request = new AuthorizeSecurityGroupIngressRequest(groupName, list);
    verify(mockEC2Client).authorizeSecurityGroupIngress(request);
    // Make sure this is set
    assertNotNull(resources.getElasticBeanstalkEC2SecurityGroup());
}
Also used : DescribeSecurityGroupsRequest(com.amazonaws.services.ec2.model.DescribeSecurityGroupsRequest) KeyPairInfo(com.amazonaws.services.ec2.model.KeyPairInfo) DescribeKeyPairsRequest(com.amazonaws.services.ec2.model.DescribeKeyPairsRequest) DescribeKeyPairsResult(com.amazonaws.services.ec2.model.DescribeKeyPairsResult) SecurityGroup(com.amazonaws.services.ec2.model.SecurityGroup) CreateSecurityGroupRequest(com.amazonaws.services.ec2.model.CreateSecurityGroupRequest) LinkedList(java.util.LinkedList) AuthorizeSecurityGroupIngressRequest(com.amazonaws.services.ec2.model.AuthorizeSecurityGroupIngressRequest) IpPermission(com.amazonaws.services.ec2.model.IpPermission) DescribeSecurityGroupsResult(com.amazonaws.services.ec2.model.DescribeSecurityGroupsResult) Test(org.junit.Test)

Example 8 with CreateSecurityGroupRequest

use of com.amazonaws.services.ec2.model.CreateSecurityGroupRequest in project Synapse-Stack-Builder by Sage-Bionetworks.

the class EC2SecuritySetupTest method testCreateGroupDuplicate.

@Test
public void testCreateGroupDuplicate() {
    // For this case we are simulating a duplicate group exception.
    // When the group already exists an exception should not be thrown.
    AmazonServiceException exception = new AmazonServiceException("Some error");
    exception.setErrorCode(Constants.ERROR_CODE_INVALID_GROUP_DUPLICATE);
    CreateSecurityGroupRequest request = new CreateSecurityGroupRequest();
    when(mockEC2Client.createSecurityGroup(request)).thenThrow(exception);
    ec2SecuritySetup.createSecurityGroup(request);
}
Also used : AmazonServiceException(com.amazonaws.AmazonServiceException) CreateSecurityGroupRequest(com.amazonaws.services.ec2.model.CreateSecurityGroupRequest) Test(org.junit.Test)

Example 9 with CreateSecurityGroupRequest

use of com.amazonaws.services.ec2.model.CreateSecurityGroupRequest in project photon-model by vmware.

the class AWSSecurityGroupClient method createSecurityGroupAsync.

public DeferredResult<String> createSecurityGroupAsync(String name, String description, String vpcId) {
    CreateSecurityGroupRequest req = new CreateSecurityGroupRequest().withDescription(description).withGroupName(name);
    // set vpc for the security group if provided
    if (vpcId != null) {
        req = req.withVpcId(vpcId);
    }
    String message = "Create AWS Security Group with name [" + name + "] on VPC [" + vpcId + "].";
    AWSDeferredResultAsyncHandler<CreateSecurityGroupRequest, CreateSecurityGroupResult> handler = new AWSDeferredResultAsyncHandler<>(this.service, message);
    this.client.createSecurityGroupAsync(req, handler);
    return handler.toDeferredResult().thenApply(CreateSecurityGroupResult::getGroupId);
}
Also used : CreateSecurityGroupResult(com.amazonaws.services.ec2.model.CreateSecurityGroupResult) CreateSecurityGroupRequest(com.amazonaws.services.ec2.model.CreateSecurityGroupRequest)

Example 10 with CreateSecurityGroupRequest

use of com.amazonaws.services.ec2.model.CreateSecurityGroupRequest in project photon-model by vmware.

the class AWSSecurityGroupClient method createSecurityGroup.

public String createSecurityGroup(String name, String description, String vpcId) {
    CreateSecurityGroupRequest req = new CreateSecurityGroupRequest().withDescription(description).withGroupName(name);
    // set vpc for the security group if provided
    if (vpcId != null) {
        req = req.withVpcId(vpcId);
    }
    CreateSecurityGroupResult result = this.client.createSecurityGroup(req);
    return result.getGroupId();
}
Also used : CreateSecurityGroupResult(com.amazonaws.services.ec2.model.CreateSecurityGroupResult) CreateSecurityGroupRequest(com.amazonaws.services.ec2.model.CreateSecurityGroupRequest)

Aggregations

CreateSecurityGroupRequest (com.amazonaws.services.ec2.model.CreateSecurityGroupRequest) 10
IpPermission (com.amazonaws.services.ec2.model.IpPermission) 5
AmazonServiceException (com.amazonaws.AmazonServiceException) 4
AmazonEC2 (com.amazonaws.services.ec2.AmazonEC2) 4
AuthorizeSecurityGroupIngressRequest (com.amazonaws.services.ec2.model.AuthorizeSecurityGroupIngressRequest) 4
CreateSecurityGroupResult (com.amazonaws.services.ec2.model.CreateSecurityGroupResult) 4
Test (org.junit.Test) 3
DescribeKeyPairsRequest (com.amazonaws.services.ec2.model.DescribeKeyPairsRequest) 2
DescribeKeyPairsResult (com.amazonaws.services.ec2.model.DescribeKeyPairsResult) 2
DescribeSecurityGroupsRequest (com.amazonaws.services.ec2.model.DescribeSecurityGroupsRequest) 2
DescribeSecurityGroupsResult (com.amazonaws.services.ec2.model.DescribeSecurityGroupsResult) 2
IpRange (com.amazonaws.services.ec2.model.IpRange) 2
SecurityGroup (com.amazonaws.services.ec2.model.SecurityGroup) 2
AWSStaticCredentialsProvider (com.amazonaws.auth.AWSStaticCredentialsProvider) 1
AuthorizeSecurityGroupIngressResult (com.amazonaws.services.ec2.model.AuthorizeSecurityGroupIngressResult) 1
CreateKeyPairRequest (com.amazonaws.services.ec2.model.CreateKeyPairRequest) 1
CreateKeyPairResult (com.amazonaws.services.ec2.model.CreateKeyPairResult) 1
DescribeInstancesRequest (com.amazonaws.services.ec2.model.DescribeInstancesRequest) 1
DescribeInstancesResult (com.amazonaws.services.ec2.model.DescribeInstancesResult) 1
KeyPairInfo (com.amazonaws.services.ec2.model.KeyPairInfo) 1