
Example 1 with AuthorizeDBSecurityGroupIngressRequest

use of com.amazonaws.services.rds.model.AuthorizeDBSecurityGroupIngressRequest in project Synapse-Stack-Builder by Sage-Bionetworks.

the class DatabaseSecuritySetup method addCIDRToGroup.

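/**
 * Grants ingress to a database security group from a CIDR block.  Every host whose address falls inside
 * {@code cIDR} is then able to reach databases that use the group, so the caller's choice of block decides
 * the breadth of exposure: a /32 admits a single address, while a wide block such as 0.0.0.0/0 admits
 * the whole internet.  The value is handed to RDS unchanged; no parsing or range check is done here.
 * <p>
 * A service error whose code equals {@link #ERROR_CODE_AUTHORIZATION_ALREADY_EXITS} means the grant was
 * already in place; it is logged and swallowed so the setup can be re-run safely.  Any other
 * {@link AmazonServiceException} propagates to the caller.
 *
 * @param groupName name of the existing RDS database security group to modify
 * @param cIDR the CIDR block (for example {@code 10.0.0.0/16}) to authorize
 * @throws IllegalArgumentException if {@code groupName} or {@code cIDR} is {@code null}
 * @throws AmazonServiceException if RDS rejects the request for any reason other than a duplicate authorization
 */
void addCIDRToGroup(String groupName, String cIDR) {
    // Fail fast on missing arguments instead of sending an incomplete request to RDS and
    // having to decode the resulting service error.
    if (groupName == null) {
        throw new IllegalArgumentException("groupName is required");
    }
    if (cIDR == null) {
        throw new IllegalArgumentException("cIDR is required");
    }
    try {
        // One ingress rule: the given CIDR as source, for the named DB security group.
        AuthorizeDBSecurityGroupIngressRequest ingressRequest = new AuthorizeDBSecurityGroupIngressRequest(groupName);
        ingressRequest.setCIDRIP(cIDR);
        log.info(String.format("Adding CIDR '%1$s' to database security group: '%2$s'...", cIDR, groupName));
        rdsClient.authorizeDBSecurityGroupIngress(ingressRequest);
    } catch (AmazonServiceException e) {
        if (ERROR_CODE_AUTHORIZATION_ALREADY_EXITS.equals(e.getErrorCode())) {
            // The rule already exists; treating this as success keeps the setup idempotent.
            log.info(String.format("CIDR '%1$s' already has acces to DB security group '%2$s'", cIDR, groupName));
        } else {
            // Every other service error is a genuine failure and must surface to the caller.
            throw e;
        }
    }
}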

Example 2 with AuthorizeDBSecurityGroupIngressRequest

use of com.amazonaws.services.rds.model.AuthorizeDBSecurityGroupIngressRequest in project Synapse-Stack-Builder by Sage-Bionetworks.

the class DatabaseSecuritySetup method addEC2SecurityGroup.

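/**
 * Grants ingress to a database security group from an EC2 security group.  Every instance that is a member
 * of {@code elasticSecurityGroup} is then able to reach databases that use the RDS group.  The grant is
 * expressed to RDS as the EC2 group's owner id together with its group name.
 * <p>
 * A service error whose code equals {@link #ERROR_CODE_AUTHORIZATION_ALREADY_EXITS} means the grant was
 * already in place; it is logged and swallowed so the setup can be re-run safely.  Any other
 * {@link AmazonServiceException} propagates to the caller.
 *
 * @param groupName name of the existing RDS database security group to modify
 * @param elasticSecurityGroup the EC2 security group whose members are authorized; its owner id and
 *        group name are read and sent to RDS
 * @throws IllegalArgumentException if {@code groupName} or {@code elasticSecurityGroup} is {@code null}
 * @throws AmazonServiceException if RDS rejects the request for any reason other than a duplicate authorization
 */
void addEC2SecurityGroup(String groupName, SecurityGroup elasticSecurityGroup) {
    // Fail fast on missing arguments: a null group would otherwise surface as a NullPointerException
    // on the getter calls below, and a null name as an opaque service error.
    if (groupName == null) {
        throw new IllegalArgumentException("groupName is required");
    }
    if (elasticSecurityGroup == null) {
        throw new IllegalArgumentException("elasticSecurityGroup is required");
    }
    try {
        // One ingress rule: the EC2 group (owner id + name) as source, for the named DB security group.
        AuthorizeDBSecurityGroupIngressRequest ingressRequest = new AuthorizeDBSecurityGroupIngressRequest(groupName);
        ingressRequest.setEC2SecurityGroupOwnerId(elasticSecurityGroup.getOwnerId());
        ingressRequest.setEC2SecurityGroupName(elasticSecurityGroup.getGroupName());
        log.info(String.format("Adding EC2 security group '%1$s' to database security group: '%2$s'...", elasticSecurityGroup.getGroupName(), groupName));
        rdsClient.authorizeDBSecurityGroupIngress(ingressRequest);
    } catch (AmazonServiceException e) {
        if (ERROR_CODE_AUTHORIZATION_ALREADY_EXITS.equals(e.getErrorCode())) {
            // The rule already exists; treating this as success keeps the setup idempotent.
            log.info(String.format("EC2 secruity group '%1$s' already has acces to DB security group '%2$s'", elasticSecurityGroup.getGroupName(), groupName));
        } else {
            // Every other service error is a genuine failure and must surface to the caller.
            throw e;
        }
    }
}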

Example 3 with AuthorizeDBSecurityGroupIngressRequest

use of com.amazonaws.services.rds.model.AuthorizeDBSecurityGroupIngressRequest in project Synapse-Stack-Builder by Sage-Bionetworks.

the class DatabaseSecuritySetupTest method testAddEC2SecurityGroupDuplicateError.

/**
 * When RDS reports that the authorization already exists, the duplicate error must be swallowed rather
 * than re-thrown, and the ingress request must still have been attempted exactly once with the
 * EC2 group's owner id and name.
 */
@Test
public void testAddEC2SecurityGroupDuplicateError() {
    String dbGroupName = "dbGroupName";
    // Simulate RDS rejecting the grant because it is already present.
    AmazonServiceException duplicateError = new AmazonServiceException("Unknonwn");
    duplicateError.setErrorCode(ERROR_CODE_AUTHORIZATION_ALREADY_EXITS);
    when(mockClient.authorizeDBSecurityGroupIngress(any(AuthorizeDBSecurityGroupIngressRequest.class))).thenThrow(duplicateError);
    // The call must return normally instead of propagating the duplicate error.
    databaseSecuritySetup.addEC2SecurityGroup(dbGroupName, elasticSecurityGroup);
    // The single request sent must name the DB group and carry the EC2 group's owner id and name.
    AuthorizeDBSecurityGroupIngressRequest expectedIngress = new AuthorizeDBSecurityGroupIngressRequest(dbGroupName)
            .withEC2SecurityGroupOwnerId(elasticSecurityGroup.getOwnerId())
            .withEC2SecurityGroupName(elasticSecurityGroup.getGroupName());
    verify(mockClient, times(1)).authorizeDBSecurityGroupIngress(expectedIngress);
}

Example 4 with AuthorizeDBSecurityGroupIngressRequest

use of com.amazonaws.services.rds.model.AuthorizeDBSecurityGroupIngressRequest in project Synapse-Stack-Builder by Sage-Bionetworks.

the class DatabaseSecuritySetupTest method testAddCIDRToGroup.

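/**
 * Verifies that addCIDRToGroup() sends RDS exactly one ingress request that names the DB security group
 * and carries the CIDR unchanged when the grant succeeds.
 */
@Test
public void testAddCIDRToGroup() {
    String dbGroupName = "dbGroupName";
    // Fixture only: the value is relayed to the mock as-is and never parsed by the code under test,
    // so it need not be a real prefix (255 is outside the 0-32 range of IPv4 prefix lengths).
    String cIDR = "0.0.0.0/255";
    AuthorizeDBSecurityGroupIngressRequest expectedIngress = new AuthorizeDBSecurityGroupIngressRequest(dbGroupName);
    expectedIngress.setCIDRIP(cIDR);
    // Successful grant: the client returns the updated group and throws nothing.
    when(mockClient.authorizeDBSecurityGroupIngress(any(AuthorizeDBSecurityGroupIngressRequest.class))).thenReturn(new DBSecurityGroup());
    // Make the call
    databaseSecuritySetup.addCIDRToGroup(dbGroupName, cIDR);
    // Validate the data was passed: the group name and CIDR arrive exactly as given.
    verify(mockClient, times(1)).authorizeDBSecurityGroupIngress(expectedIngress);
}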

Example 5 with AuthorizeDBSecurityGroupIngressRequest

use of com.amazonaws.services.rds.model.AuthorizeDBSecurityGroupIngressRequest in project Synapse-Stack-Builder by Sage-Bionetworks.

the class DatabaseSecuritySetupTest method testSetupDatabaseAllSecurityGroups.

/**
 * Verifies that setupDatabaseAllSecurityGroups() creates the id-generator and stack DB security groups
 * with their configured names and descriptions, grants each of them ingress from both the EC2 security
 * group and the SSH CIDR, and records the described groups in the stack resources.
 */
@Test
public void testSetupDatabaseAllSecurityGroups() {
    String idGenGroupName = config.getIdGeneratorDatabaseSecurityGroupName();
    String stackGroupName = config.getStackDatabaseSecurityGroupName();
    // Each describe call hands back the group that setup is expected to store in the resources.
    DBSecurityGroup expectedIdGroup = stubDescribeDbSecurityGroup(idGenGroupName);
    DBSecurityGroup expectedStackGroup = stubDescribeDbSecurityGroup(stackGroupName);
    // Make the call
    databaseSecuritySetup.setupDatabaseAllSecurityGroups();
    // Both groups must be created with the configured name and description.
    verify(mockClient, times(1)).createDBSecurityGroup(
            expectedCreateRequest(idGenGroupName, config.getIdGeneratorDatabaseSecurityGroupDescription()));
    verify(mockClient, times(1)).createDBSecurityGroup(
            expectedCreateRequest(stackGroupName, config.getStackDatabaseSecurityGroupDescription()));
    // Each group must receive the EC2-group grant and the SSH-CIDR grant exactly once. Note that the
    // CIDR grant makes the databases reachable from the whole SSH CIDR, so that value's width is the exposure.
    for (String dbGroupName : new String[] {idGenGroupName, stackGroupName}) {
        verify(mockClient, times(1)).authorizeDBSecurityGroupIngress(expectedEc2Ingress(dbGroupName));
        verify(mockClient, times(1)).authorizeDBSecurityGroupIngress(expectedCidrIngress(dbGroupName, config.getCIDRForSSH()));
    }
    // The described groups must be what ends up in the resources.
    assertEquals(expectedIdGroup, resources.getIdGeneratorDatabaseSecurityGroup());
    assertEquals(expectedStackGroup, resources.getStackInstancesDatabaseSecurityGroup());
}

/** Stubs describeDBSecurityGroups for the named group and returns the group the stub will hand back. */
private DBSecurityGroup stubDescribeDbSecurityGroup(String dbGroupName) {
    DBSecurityGroup group = new DBSecurityGroup().withDBSecurityGroupName(dbGroupName);
    DescribeDBSecurityGroupsRequest describe = new DescribeDBSecurityGroupsRequest().withDBSecurityGroupName(dbGroupName);
    when(mockClient.describeDBSecurityGroups(describe))
            .thenReturn(new DescribeDBSecurityGroupsResult().withDBSecurityGroups(group));
    return group;
}

/** The create request setup is expected to send for a group with the given name and description. */
private CreateDBSecurityGroupRequest expectedCreateRequest(String dbGroupName, String description) {
    CreateDBSecurityGroupRequest request = new CreateDBSecurityGroupRequest();
    request.setDBSecurityGroupName(dbGroupName);
    request.setDBSecurityGroupDescription(description);
    return request;
}

/** The ingress request that authorizes the test's EC2 security group on the named DB group. */
private AuthorizeDBSecurityGroupIngressRequest expectedEc2Ingress(String dbGroupName) {
    return new AuthorizeDBSecurityGroupIngressRequest(dbGroupName)
            .withEC2SecurityGroupOwnerId(elasticSecurityGroup.getOwnerId())
            .withEC2SecurityGroupName(elasticSecurityGroup.getGroupName());
}

/** The ingress request that authorizes the given CIDR on the named DB group. */
private AuthorizeDBSecurityGroupIngressRequest expectedCidrIngress(String dbGroupName, String cidr) {
    return new AuthorizeDBSecurityGroupIngressRequest(dbGroupName).withCIDRIP(cidr);
}
