Java Code Examples for com.amazonaws.services.ec2.model.AuthorizeSecurityGroupIngressRequest#setGroupId()

The following examples show how to use com.amazonaws.services.ec2.model.AuthorizeSecurityGroupIngressRequest#setGroupId() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: BaseTest.java    From aws-mock with MIT License 5 votes vote down vote up
/**
 * Authorize SecurityGroup Ingress.
 * @param groupId the group id
 * @param ipProtocol ipProtocol for Ingress.
 * @param port portRange for Ingress.
 * @param cidrIp cidr Ip for Ingress
 * @return true if deleted, otherwise false.
 */
protected final boolean authorizeSecurityGroupIngress(final String groupId, final String ipProtocol, final Integer port, final String cidrIp) {
	AuthorizeSecurityGroupIngressRequest req = new AuthorizeSecurityGroupIngressRequest();
    req.setGroupId(groupId);
    req.setCidrIp(cidrIp);
    req.setFromPort(port);
    req.setToPort(port);
    req.setIpProtocol(ipProtocol);
    AuthorizeSecurityGroupIngressResult result = amazonEC2Client.authorizeSecurityGroupIngress(req);
    if (result != null) {
        return true;
    }

    return false;
}
 
Example 2
Source File: PublicAccessAutoFix.java    From pacbot with Apache License 2.0 4 votes vote down vote up
/**
 * Creates the security group.
 *
 * @param sourceSecurityGroupId the source security group id
 * @param vpcId the vpc id
 * @param ec2Client the ec 2 client
 * @param ipPermissionsToBeAdded the ip permissions to be added
 * @param resourceId the resource id
 * @param defaultCidrIp the default cidr ip
 * @param existingIpPermissions the existing ip permissions
 * @return the string
 * @throws Exception the exception
 */
public static String createSecurityGroup(String sourceSecurityGroupId, String vpcId, AmazonEC2 ec2Client, Collection<IpPermission> ipPermissionsToBeAdded, String resourceId,String defaultCidrIp,List<IpPermission> existingIpPermissions) throws Exception {
	String createdSecurityGroupId = null;
	try {
		CreateSecurityGroupRequest createsgRequest = new CreateSecurityGroupRequest();
		createsgRequest.setGroupName(createSecurityGroupName(pacTag,resourceId));
		createsgRequest.setVpcId(vpcId);
		createsgRequest.setDescription(createSecurityGroupDescription(sourceSecurityGroupId));
		CreateSecurityGroupResult createResult = ec2Client.createSecurityGroup(createsgRequest);
		createdSecurityGroupId = createResult.getGroupId();

		if (!createdSecurityGroupId.isEmpty()) {
			logger.info("Security Group {} created successfully" ,createdSecurityGroupId);
			// Authorize newly created securityGroup with Inbound Rules
			AuthorizeSecurityGroupIngressRequest authRequest = new AuthorizeSecurityGroupIngressRequest();
			authRequest.setGroupId(createdSecurityGroupId);
			if(ipPermissionsToBeAdded.isEmpty()){
                   IpRange ipv4Ranges = new IpRange();
                   ipv4Ranges.setCidrIp(defaultCidrIp);
				for (IpPermission ipPermission : existingIpPermissions) {

					if (!ipPermission.getIpv4Ranges().isEmpty()) {
						ipPermission.setIpv4Ranges(Arrays.asList(ipv4Ranges));
					}

					if (!ipPermission.getIpv6Ranges().isEmpty()) {
						Ipv6Range ipv6Range = new Ipv6Range();
						ipPermission.setIpv6Ranges(Arrays.asList(ipv6Range));
					}
					if (!ipPermission.getIpv4Ranges().isEmpty() || !ipPermission.getIpv6Ranges().isEmpty()) {
						ipPermissionsToBeAdded.add(ipPermission);
					}
				}
               }
			authRequest.setIpPermissions(ipPermissionsToBeAdded);
			ec2Client.authorizeSecurityGroupIngress(authRequest);
			//adding tag
			String deleteSgTag = CommonUtils.getPropValue("deleteSgTag");
			Map<String, String> tagMap = new HashMap();
			tagMap.put(deleteSgTag, "true");
			CreateTagsRequest createTagsRequest = new CreateTagsRequest(Arrays.asList(createdSecurityGroupId), new ArrayList<>());
			createTagsRequest.setTags(tagMap.entrySet().stream().map(t -> new Tag(t.getKey(), t.getValue())).collect(Collectors.toList()));
			try {
				ec2Client.createTags(createTagsRequest);
			} catch (AmazonServiceException ase) {
				logger.error("error tagging sg - > " + resourceId, ase);
				throw ase;
			}
		}

	} catch (Exception e) {
		logger.error(e.getMessage());
		logger.debug(e.getMessage());
		throw new RuntimeException(sourceSecurityGroupId+ " SG copy failed");
	}
	return createdSecurityGroupId;
}