use of software.amazon.awssdk.services.ec2.model.DescribeSecurityGroupsRequest in project Synapse-Stack-Builder by Sage-Bionetworks.
the class EC2SecuritySetup method setupResources.
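/**
 * Creates the EC2 security group that all Elastic Beanstalk instances will belong to, adds its
 * ingress rules, and records the resulting group and the stack key pair on {@code resources}.
 *
 * This method takes no arguments. The group name, description and SSH CIDR are read from
 * {@code config}, and the lookup goes through {@code ec2Client}.
 *
 * Ingress rules added, all TCP:
 * - {@code PORT_HTTP} and {@code PORT_HTTPS} from {@code CIDR_ALL_IP}
 * - {@code PORT_SSH} from {@code config.getCIDRForSSH()} only
 *
 * NOTE(review): the SSH CIDR is passed through unvalidated in this method. If the configured
 * value is as wide as {@code CIDR_ALL_IP}, SSH is open to the same audience as HTTP(S).
 * Confirm that the configuration layer rejects such a value.
 *
 * @throws IllegalStateException if the lookup by name does not return exactly one group
 */
public void setupResources() {
    CreateSecurityGroupRequest request = new CreateSecurityGroupRequest();
    request.setDescription(config.getElasticSecurityGroupDescription());
    request.setGroupName(config.getElasticSecurityGroupName());
    createSecurityGroup(request);
    // Read the name back from the request after creation, as the rules below are keyed on it.
    String groupName = request.getGroupName();

    // Public web ingress: HTTP and HTTPS are reachable from CIDR_ALL_IP.
    addPermission(groupName, new IpPermission()
            .withIpProtocol(IP_PROTOCOL_TCP)
            .withFromPort(PORT_HTTP)
            .withToPort(PORT_HTTP)
            .withIpRanges(CIDR_ALL_IP));
    addPermission(groupName, new IpPermission()
            .withIpProtocol(IP_PROTOCOL_TCP)
            .withFromPort(PORT_HTTPS)
            .withToPort(PORT_HTTPS)
            .withIpRanges(CIDR_ALL_IP));
    // Administrative ingress: SSH is limited to the configured CIDR.
    addPermission(groupName, new IpPermission()
            .withIpProtocol(IP_PROTOCOL_TCP)
            .withFromPort(PORT_SSH)
            .withToPort(PORT_SSH)
            .withIpRanges(config.getCIDRForSSH()));

    // Look the group up again so the full SecurityGroup object can be stored.
    // NOTE(review): this lookup is by group name. EC2 group names are unique per VPC, not
    // globally, so confirm the name is unambiguous for the account/VPC this stack targets.
    DescribeSecurityGroupsResult result = ec2Client.describeSecurityGroups(
            new DescribeSecurityGroupsRequest().withGroupNames(groupName));
    if (result.getSecurityGroups() == null || result.getSecurityGroups().size() != 1) {
        throw new IllegalStateException(
                "Did not find one and only one EC2 security group with the name: " + groupName);
    }
    // Add this to the resources
    SecurityGroup group = result.getSecurityGroups().get(0);
    resources.setElasticBeanstalkEC2SecurityGroup(group);
    // Create the key pair.
    resources.setStackKeyPair(createOrGetKeyPair());
}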
use of software.amazon.awssdk.services.ec2.model.DescribeSecurityGroupsRequest in project Synapse-Stack-Builder by Sage-Bionetworks.
the class BuildStackMainTest method before.
/**
 * Builds the fixtures shared by the tests: "dev" input properties and configuration, default
 * properties, and mock AWS clients stubbed to return one valid-looking resource each.
 *
 * The stubs are keyed on concrete request objects, so they only match calls whose request is
 * equal to the one built here (presumably via the SDK request's equals(); verify).
 */
@Before
public void before() throws IOException {
    inputProps = TestHelper.createInputProperties("dev");
    InputConfiguration config = TestHelper.createTestConfig("dev");
    defaultProps = TestHelper.createDefaultProperties();
    clientFactory = new MockAmazonClientFactory();
    AmazonS3Client s3 = clientFactory.createS3Client();
    AmazonEC2Client ec2 = clientFactory.createEC2Client();
    AmazonSNSClient sns = clientFactory.createSNSClient();
    AmazonRDSClient rds = clientFactory.createRDSClient();

    // S3: any download writes the default properties into the destination file.
    Answer<ObjectMetadata> writeDefaultProps = new Answer<ObjectMetadata>() {
        public ObjectMetadata answer(InvocationOnMock invocation) throws Throwable {
            // The second argument of getObject(request, file) is the destination file.
            File destination = (File) invocation.getArguments()[1];
            FileWriter out = new FileWriter(destination);
            try {
                defaultProps.store(out, "test generated");
            } finally {
                out.close();
            }
            return new ObjectMetadata();
        }
    };
    when(s3.getObject(any(GetObjectRequest.class), any(File.class))).thenAnswer(writeDefaultProps);

    // EC2: looking up the configured group name yields exactly one group with that name.
    String groupName = config.getElasticSecurityGroupName();
    DescribeSecurityGroupsResult oneGroup =
            new DescribeSecurityGroupsResult().withSecurityGroups(new SecurityGroup().withGroupName(groupName));
    when(ec2.describeSecurityGroups(new DescribeSecurityGroupsRequest().withGroupNames(groupName)))
            .thenReturn(oneGroup);

    // SNS: the alert topic exists and already has a subscription.
    String topicArn = "some:arn";
    CreateTopicResult topicCreated = new CreateTopicResult().withTopicArn(topicArn);
    when(sns.createTopic(new CreateTopicRequest(config.getRDSAlertTopicName()))).thenReturn(topicCreated);
    ListSubscriptionsByTopicResult oneSubscription =
            new ListSubscriptionsByTopicResult().withSubscriptions(new Subscription());
    when(sns.listSubscriptionsByTopic(new ListSubscriptionsByTopicRequest(topicArn)))
            .thenReturn(oneSubscription);

    // RDS: the parameter group exists and exposes the two slow-query parameters.
    String parameterGroupName = config.getDatabaseParameterGroupName();
    DescribeDBParameterGroupsResult oneParameterGroup = new DescribeDBParameterGroupsResult()
            .withDBParameterGroups(new DBParameterGroup().withDBParameterGroupName(parameterGroupName));
    when(rds.describeDBParameterGroups(
            new DescribeDBParameterGroupsRequest().withDBParameterGroupName(parameterGroupName)))
            .thenReturn(oneParameterGroup);
    DescribeDBParametersResult slowQueryParameters = new DescribeDBParametersResult()
            .withParameters(new Parameter().withParameterName(Constants.DB_PARAM_KEY_SLOW_QUERY_LOG))
            .withParameters(new Parameter().withParameterName(Constants.DB_PARAM_KEY_LONG_QUERY_TIME));
    when(rds.describeDBParameters(
            new DescribeDBParametersRequest().withDBParameterGroupName(parameterGroupName)))
            .thenReturn(slowQueryParameters);
}
use of software.amazon.awssdk.services.ec2.model.DescribeSecurityGroupsRequest in project photon-model by vmware.
the class AWSRemoteCleanup method deleteSecurityGroups.
/**
 * Deletes every security group in the given VPC whose name is not {@code DEFAULT_TAG}
 * (compared case-insensitively), logging each group id before the delete call.
 *
 * The only selection criteria here are the VPC filter and the name check. Nothing in this
 * method establishes that a group is actually stale, so the caller is responsible for
 * passing a VPC that is safe to clean.
 *
 * NOTE(review): a failure in one deleteSecurityGroup call is not caught, so it propagates and
 * the remaining groups are left in place. Confirm whether callers expect best-effort cleanup.
 *
 * @param vpcId id of the VPC whose groups are removed
 * @param usEastEc2Client EC2 client used for both the describe and the delete calls
 */
private void deleteSecurityGroups(String vpcId, AmazonEC2 usEastEc2Client) {
    DescribeSecurityGroupsRequest describeRequest = new DescribeSecurityGroupsRequest()
            .withFilters(new Filter(VPC_KEY, Collections.singletonList(vpcId)));
    usEastEc2Client.describeSecurityGroups(describeRequest)
            .getSecurityGroups()
            .stream()
            // Keep only the groups that are not the VPC's default group.
            .filter(group -> !group.getGroupName().equalsIgnoreCase(DEFAULT_TAG))
            .forEach(group -> {
                DeleteSecurityGroupRequest deleteRequest =
                        new DeleteSecurityGroupRequest().withGroupId(group.getGroupId());
                this.host.log("Terminating stale security group: %s", group.getGroupId());
                usEastEc2Client.deleteSecurityGroup(deleteRequest);
            });
}
use of software.amazon.awssdk.services.ec2.model.DescribeSecurityGroupsRequest in project photon-model by vmware.
the class AWSSecurityGroupClient method getSecurityGroups.
/**
 * Looks up security groups by name, optionally restricted to one VPC.
 *
 * NOTE(review): when {@code vpcId} is null no VPC filter is sent, so the lookup is by name
 * alone. Group names are unique per VPC rather than per region, so groups from several VPCs
 * may come back. Callers that go on to modify or attach the result should pass a VPC id.
 *
 * @param names group names used as the values of the {@code AWS_GROUP_NAME_FILTER} filter;
 *              passed through as given
 * @param vpcId VPC to restrict the lookup to, or null for no VPC restriction
 * @return the groups from the response, or an empty list if the client returned null
 */
public List<SecurityGroup> getSecurityGroups(List<String> names, String vpcId) {
    DescribeSecurityGroupsRequest request = new DescribeSecurityGroupsRequest()
            .withFilters(new Filter(AWS_GROUP_NAME_FILTER, names));
    if (vpcId != null) {
        // Adds the VPC filter alongside the name filter.
        request.withFilters(new Filter(AWS_VPC_ID_FILTER, Collections.singletonList(vpcId)));
    }
    DescribeSecurityGroupsResult response = this.client.describeSecurityGroups(request);
    if (response == null) {
        return Collections.emptyList();
    }
    return response.getSecurityGroups();
}
use of software.amazon.awssdk.services.ec2.model.DescribeSecurityGroupsRequest in project photon-model by vmware.
the class AWSSecurityGroupClient method getDefaultSecurityGroup.
/**
 * Returns the first security group named {@code DEFAULT_SECURITY_GROUP_NAME}, optionally
 * restricted to one VPC.
 *
 * NOTE(review): with a null {@code vpcId} the query matches the default group of every VPC
 * visible to the client, and the first entry of the response is returned. Nothing here fixes
 * which VPC that entry belongs to, so callers that need a specific VPC should pass its id.
 *
 * @param vpcId VPC to restrict the lookup to, or null for no VPC restriction
 * @return the first matching group, or null if the response is null or has no groups
 */
public SecurityGroup getDefaultSecurityGroup(String vpcId) {
    Filter byName = new Filter("group-name", Collections.singletonList(DEFAULT_SECURITY_GROUP_NAME));
    DescribeSecurityGroupsRequest request = new DescribeSecurityGroupsRequest().withFilters(byName);
    if (vpcId != null) {
        request.withFilters(new Filter("vpc-id", Collections.singletonList(vpcId)));
    }
    DescribeSecurityGroupsResult response = this.client.describeSecurityGroups(request);
    if (response == null || response.getSecurityGroups().isEmpty()) {
        return null;
    }
    return response.getSecurityGroups().get(0);
}