require 'ipaddr'

require 'fog/core/model'
require 'fog/core/current_machine'
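module Fog
  module AWS
    class RDS

      # An RDS DB security group: a named set of ingress rules (EC2 security
      # groups and CIDR ranges) allowed to reach the database instances that
      # use it. Every rule change here is sent to the service immediately and
      # the local attributes are refreshed from the response.
      class SecurityGroup < Fog::Model

        identity  :id, :aliases => ['DBSecurityGroupName']
        attribute :description, :aliases => 'DBSecurityGroupDescription'
        attribute :ec2_security_groups, :aliases => 'EC2SecurityGroups', :type => :array
        attribute :ip_ranges, :aliases => 'IPRanges', :type => :array
        attribute :owner_id, :aliases => 'OwnerId'

        # True when every ingress rule (EC2 group or IP range) reports the
        # status 'authorized'. A group with no rules at all is also reported
        # as ready, because `all?` is vacuously true on an empty list.
        def ready?
          # NOTE(review): either list is presumably nil until the group has
          # been loaded from the service; treat that as "no rules" rather than
          # failing on nil + Array. Confirm against Fog::Model's array type.
          rules = (ec2_security_groups || []) + (ip_ranges || [])
          rules.all? { |ingress| ingress['Status'] == 'authorized' }
        end

        # Deletes the group on the service. Needs :id to be set. Always
        # returns true when the service call returns; failures presumably
        # surface as exceptions from the call itself (verify in the service).
        def destroy
          requires :id
          service.delete_db_security_group(id)
          true
        end

        # Creates the group on the service from :id and :description, then
        # merges the returned 'DBSecurityGroup' data into this model.
        # Returns true.
        def save
          requires :id
          requires :description

          response = service.create_db_security_group(id, description)
          data = response.body['CreateDBSecurityGroupResult']['DBSecurityGroup']
          merge_attributes(data)
          true
        end

        # Allows members of the named EC2 security group to connect.
        # group_owner_id defaults to the current owner_id, read when the
        # method is called.
        # NOTE(review): owner_id is presumably unset on a group that has not
        # been saved or loaded yet, in which case the default is nil; confirm.
        def authorize_ec2_security_group(group_name, group_owner_id=owner_id)
          authorize_ingress(
            'EC2SecurityGroupName'    => group_name,
            'EC2SecurityGroupOwnerId' => group_owner_id
          )
        end

        # Allows the given CIDR range to connect. The range is passed to the
        # service unchecked, so the width of the exposure is exactly the width
        # of the prefix the caller supplies; pass the narrowest range that
        # works and review any rule wider than a single host.
        def authorize_cidrip(cidrip)
          authorize_ingress('CIDRIP' => cidrip)
        end

        # Add the current machine to the RDS security group.
        # The address is whatever Fog::CurrentMachine.ip_address reports.
        # NOTE(review): if that value comes from an external lookup, the rule
        # is only as trustworthy as the lookup, and behind NAT it is the
        # shared egress address rather than this host alone. Confirm how it
        # is determined before relying on it.
        def authorize_me
          authorize_ip_address(Fog::CurrentMachine.ip_address)
        end

        # Add the ip address to the RDS security group as a single-host rule.
        #
        # The /32 suffix only means "one host" for IPv4; appended to an IPv6
        # address it would describe a very large network, and appended to nil
        # or to a value that already carries a prefix it yields a malformed
        # range. Anything that is not one plain IPv4 address is therefore
        # rejected with ArgumentError before a request is made.
        def authorize_ip_address(ip)
          address = ip.to_s.strip
          unless single_ipv4_address?(address)
            raise ArgumentError, "authorize_ip_address expects a single IPv4 address, got #{ip.inspect}"
          end
          authorize_cidrip("#{address}/32")
        end

        # Sends one authorize-ingress request for this group with the given
        # rule options and merges the returned 'DBSecurityGroup' data into
        # this model.
        def authorize_ingress(opts)
          response = service.authorize_db_security_group_ingress(id, opts)
          data = response.body['AuthorizeDBSecurityGroupIngressResult']['DBSecurityGroup']
          merge_attributes(data)
        end

        # Removes the rule for the named EC2 security group.
        # group_owner_id defaults to the current owner_id.
        def revoke_ec2_security_group(group_name, group_owner_id=owner_id)
          revoke_ingress(
            'EC2SecurityGroupName'    => group_name,
            'EC2SecurityGroupOwnerId' => group_owner_id
          )
        end

        # Removes the rule for the given CIDR range.
        def revoke_cidrip(cidrip)
          revoke_ingress('CIDRIP' => cidrip)
        end

        # Sends one revoke-ingress request for this group with the given rule
        # options and merges the returned 'DBSecurityGroup' data into this
        # model.
        def revoke_ingress(opts)
          response = service.revoke_db_security_group_ingress(id, opts)
          data = response.body['RevokeDBSecurityGroupIngressResult']['DBSecurityGroup']
          merge_attributes(data)
        end

        private

        # True when the string is one IPv4 address with no prefix length.
        # IPAddr accepts "a.b.c.d/n" as a network, so a slash is ruled out
        # first; parse failures are raised as ArgumentError subclasses.
        def single_ipv4_address?(address)
          return false if address.empty? || address.include?('/')
          ::IPAddr.new(address).ipv4?
        rescue ArgumentError
          false
        end

      end
    end
  end
end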