Sha256: 3221c062f9181a002a4a6195196cc08c14d09e319701753dd3f33424d751f987

Contents?: true

Size: 1.82 KB

Versions: 1

Compression:

Stored size: 1.82 KB

Contents

require 'thor'
require 'thor/aws'

module Sgupdater
  # Thor command-line front end for inspecting and rewriting the CIDR entries
  # of EC2 security-group rules. All AWS access goes through Client, which is
  # defined elsewhere in the gem and is not visible in this file.
  class CLI < Thor
    include Thor::Aws

    class_option :verbose, type: :boolean, default: false, aliases: [:v]

    desc :show, "Show current permissions"
    method_option :from_cidr, type: :string, required: true
    method_option :to_cidr, type: :string, required: false
    # Prints one tab-separated line per matching rule of every security group
    # returned by the client.
    #
    # With only --from-cidr, a rule matches when it contains that CIDR. With
    # --to-cidr as well, a rule matches only when it contains --from-cidr and
    # does not contain --to-cidr.
    def show
      source_cidr = options[:from_cidr]
      target_cidr = options[:to_cidr]
      client.get.each do |group|
        show_security_groups(group, source_cidr, target_cidr)
      end
    end

    desc :update, "Update cidr address"
    method_option :from_cidr, type: :string, required: true
    method_option :to_cidr, type: :string, required: true
    # Delegates the rule change to Client#update and reports whether it
    # returned a truthy value.
    #
    # NOTE(review): this layer applies the change immediately. There is no
    # confirmation prompt or dry-run flag here, and neither CIDR is validated
    # or checked for breadth (e.g. a very wide --to-cidr) before the client is
    # called. Whether Client does any of that is not visible from this file.
    def update
      puts(client.update ? "Update success" : "No change")
    end

    private

    # Lazily builds and memoizes the Client from the parsed CLI options and
    # the AWS configuration (aws_configuration is presumably supplied by the
    # Thor::Aws mixin; it is not defined in this file).
    def client
      @client ||= Client.new(options, aws_configuration)
    end

    # True when any ip_range entry of the rule has a value equal to +cidr+.
    #
    # The comparison is exact equality against each entry's values: an
    # equivalent CIDR written differently, or a wider range that merely
    # contains +cidr+, does not match.
    # NOTE(review): every value of the entry is compared, not only the CIDR
    # field. If the entry type carries other fields, one of them equal to
    # +cidr+ would also match; confirm against the SDK type.
    def cidr_in_ip_permission?(ip_permission, cidr)
      ip_permission.ip_ranges.any? { |range| range.values.include?(cidr) }
    end

    # True when the rule contains +cidr1+ and does not contain +cidr2+.
    def cidr1_in_ip_permission_and_cidr2_not_in_ip_permission?(ip_permission, cidr1, cidr2)
      return false unless cidr_in_ip_permission?(ip_permission, cidr1)

      !cidr_in_ip_permission?(ip_permission, cidr2)
    end

    # Collects the values of every ip_range entry into one flat array.
    def ip_ranges_to_ips(ip_ranges)
      ip_ranges.map(&:values).flatten
    end

    # Prints the matching rules of a single security group, one line each:
    # VPC id (or "(classic)" when there is none), group id, group name,
    # from-port, to-port and the comma-joined range values.
    def show_security_groups(sg, from_cidr, to_cidr)
      sg.ip_permissions.each do |permission|
        matched =
          if to_cidr
            cidr1_in_ip_permission_and_cidr2_not_in_ip_permission?(permission, from_cidr, to_cidr)
          else
            cidr_in_ip_permission?(permission, from_cidr)
          end
        next unless matched

        columns = [
          sg.vpc_id || '(classic)',
          sg.group_id,
          sg.group_name,
          permission.from_port,
          permission.to_port,
          ip_ranges_to_ips(permission.ip_ranges).join(",")
        ]
        puts columns.join("\t")
      end
    end
  end
end

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
sgupdater-0.1.2 lib/sgupdater/cli.rb