Class EC2SecurityGroupExtension
- java.lang.Object
-
- org.jclouds.ec2.compute.extensions.EC2SecurityGroupExtension
-
- All Implemented Interfaces:
SecurityGroupExtension
- Direct Known Subclasses:
AWSEC2SecurityGroupExtension
public class EC2SecurityGroupExtension extends Object implements SecurityGroupExtension
An extension to compute service to allow for the manipulation ofSecurityGroup
s. Implementation is optional by providers.
-
-
Field Summary
Fields Modifier and Type Field Description protected EC2Api
client
protected com.google.common.base.Function<SecurityGroup,SecurityGroup>
groupConverter
protected com.google.common.cache.LoadingCache<RegionAndName,String>
groupCreator
protected com.google.common.base.Supplier<Set<? extends Location>>
locations
protected GroupNamingConvention.Factory
namingConvention
protected com.google.common.base.Supplier<Set<String>>
regions
protected com.google.common.util.concurrent.ListeningExecutorService
userExecutor
-
Constructor Summary
Constructors Constructor Description EC2SecurityGroupExtension(EC2Api client, com.google.common.util.concurrent.ListeningExecutorService userExecutor, com.google.common.base.Supplier<Set<String>> regions, com.google.common.base.Function<SecurityGroup,SecurityGroup> groupConverter, com.google.common.base.Supplier<Set<? extends Location>> locations, com.google.common.cache.LoadingCache<RegionAndName,String> groupCreator, GroupNamingConvention.Factory namingConvention)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description SecurityGroup
addIpPermission(IpPermission ipPermission, SecurityGroup group)
Add a @{link IpPermission} to an existing @{link SecurityGroup}.SecurityGroup
addIpPermission(IpProtocol protocol, int startPort, int endPort, com.google.common.collect.Multimap<String,String> tenantIdGroupNamePairs, Iterable<String> ipRanges, Iterable<String> groupIds, SecurityGroup group)
Add a @{link IpPermission} to an existing @{link SecurityGroup}, based on the parameters given.protected com.google.common.base.Function<String,Set<? extends SecurityGroup>>
allSecurityGroupsInRegion()
SecurityGroup
createSecurityGroup(String name, String region)
SecurityGroup
createSecurityGroup(String name, Location location)
Create a new @{link SecurityGroup} from the parameters given.protected Location
findLocationWithId(String locationId)
SecurityGroup
getSecurityGroupById(String id)
Get a security group by id.Set<SecurityGroup>
listSecurityGroups()
List security groups.Set<SecurityGroup>
listSecurityGroupsForNode(String id)
List security groups for a given instance given the instance's ID.Set<SecurityGroup>
listSecurityGroupsInLocation(String region)
Set<SecurityGroup>
listSecurityGroupsInLocation(Location location)
List security groups in a given @{link Location}.protected Iterable<? extends SecurityGroup>
pollSecurityGroups()
protected Iterable<? extends SecurityGroup>
pollSecurityGroupsByRegion(String region)
SecurityGroup
removeIpPermission(IpPermission ipPermission, SecurityGroup group)
Remove a @{link IpPermission} from an existing @{link SecurityGroup}.SecurityGroup
removeIpPermission(IpProtocol protocol, int startPort, int endPort, com.google.common.collect.Multimap<String,String> tenantIdGroupNamePairs, Iterable<String> ipRanges, Iterable<String> groupIds, SecurityGroup group)
Remove a @{link IpPermission} from an existing @{link SecurityGroup}, based on the parameters given.boolean
removeSecurityGroup(String id)
Remove an existing @{link SecurityGroup}, and its permissions.boolean
supportsExclusionCidrBlocks()
Returns true if this SecurityGroupExtension supports exclusion CIDR groups.boolean
supportsGroupIds()
Returns true if this SecurityGroupExtension supports group IDs.boolean
supportsPortRangesForGroups()
Returns true if this SecurityGroupExtension supports port ranges for group authorization.boolean
supportsTenantIdGroupIdPairs()
Returns true if this SecurityGroupExtension supports tenant ID + group ID pairs.boolean
supportsTenantIdGroupNamePairs()
Returns true if this SecurityGroupExtension supports tenant ID + group name pairs.
-
-
-
Field Detail
-
client
protected final EC2Api client
-
userExecutor
protected final com.google.common.util.concurrent.ListeningExecutorService userExecutor
-
groupConverter
protected final com.google.common.base.Function<SecurityGroup,SecurityGroup> groupConverter
-
groupCreator
protected final com.google.common.cache.LoadingCache<RegionAndName,String> groupCreator
-
namingConvention
protected final GroupNamingConvention.Factory namingConvention
-
-
Constructor Detail
-
EC2SecurityGroupExtension
@Inject public EC2SecurityGroupExtension(EC2Api client, @Named("jclouds.user-threads") com.google.common.util.concurrent.ListeningExecutorService userExecutor, com.google.common.base.Supplier<Set<String>> regions, com.google.common.base.Function<SecurityGroup,SecurityGroup> groupConverter, com.google.common.base.Supplier<Set<? extends Location>> locations, @Named("SECURITY") com.google.common.cache.LoadingCache<RegionAndName,String> groupCreator, GroupNamingConvention.Factory namingConvention)
-
-
Method Detail
-
listSecurityGroups
public Set<SecurityGroup> listSecurityGroups()
Description copied from interface:SecurityGroupExtension
List security groups.- Specified by:
listSecurityGroups
in interfaceSecurityGroupExtension
- Returns:
- The set of @{link SecurityGroup}s we have access to.
-
listSecurityGroupsInLocation
public Set<SecurityGroup> listSecurityGroupsInLocation(Location location)
Description copied from interface:SecurityGroupExtension
List security groups in a given @{link Location}.- Specified by:
listSecurityGroupsInLocation
in interfaceSecurityGroupExtension
- Returns:
- The set of @{link SecurityGroup}s we have access to in the given location.
-
listSecurityGroupsInLocation
public Set<SecurityGroup> listSecurityGroupsInLocation(String region)
-
listSecurityGroupsForNode
public Set<SecurityGroup> listSecurityGroupsForNode(String id)
Description copied from interface:SecurityGroupExtension
List security groups for a given instance given the instance's ID.- Specified by:
listSecurityGroupsForNode
in interfaceSecurityGroupExtension
- Returns:
- The set of @{link SecurityGroup}s for the given instance..
-
getSecurityGroupById
public SecurityGroup getSecurityGroupById(String id)
Description copied from interface:SecurityGroupExtension
Get a security group by id.- Specified by:
getSecurityGroupById
in interfaceSecurityGroupExtension
- Returns:
- The @{link SecurityGroup}, if it exists.
-
createSecurityGroup
public SecurityGroup createSecurityGroup(String name, Location location)
Description copied from interface:SecurityGroupExtension
Create a new @{link SecurityGroup} from the parameters given.- Specified by:
createSecurityGroup
in interfaceSecurityGroupExtension
- Parameters:
name
- The name of the security grouplocation
- The @{link Location} of the security group- Returns:
- The SecurityGroup that has been created.
-
createSecurityGroup
public SecurityGroup createSecurityGroup(String name, String region)
-
removeSecurityGroup
public boolean removeSecurityGroup(String id)
Description copied from interface:SecurityGroupExtension
Remove an existing @{link SecurityGroup}, and its permissions.- Specified by:
removeSecurityGroup
in interfaceSecurityGroupExtension
- Parameters:
id
- The id of the SecurityGroup to delete.- Returns:
- true if we were able to remove the group, false otherwise.
-
addIpPermission
public SecurityGroup addIpPermission(IpPermission ipPermission, SecurityGroup group)
Description copied from interface:SecurityGroupExtension
Add a @{link IpPermission} to an existing @{link SecurityGroup}. Applies the permission to the security group on the provider.- Specified by:
addIpPermission
in interfaceSecurityGroupExtension
group
- The SecurityGroup to add the permission to.- Returns:
- The SecurityGroup with the new permission added, after the permission has been applied on the provider.
-
addIpPermission
public SecurityGroup addIpPermission(IpProtocol protocol, int startPort, int endPort, com.google.common.collect.Multimap<String,String> tenantIdGroupNamePairs, Iterable<String> ipRanges, Iterable<String> groupIds, SecurityGroup group)
Description copied from interface:SecurityGroupExtension
Add a @{link IpPermission} to an existing @{link SecurityGroup}, based on the parameters given. Applies the permission to the security group on the provider.- Specified by:
addIpPermission
in interfaceSecurityGroupExtension
- Parameters:
protocol
- The @{link IpProtocol} for the permission.startPort
- The first port in the range to be opened, or -1 for ICMP.endPort
- The last port in the range to be opened, or -1 for ICMP.tenantIdGroupNamePairs
- source of traffic allowed is on basis of another group in a tenant, as opposed to by cidripRanges
- An Iterable of Strings representing the IP range(s) the permission should allow.groupIds
- An Iterable of @{link SecurityGroup} IDs this permission should allow.group
- The SecurityGroup to add the permission to.- Returns:
- The SecurityGroup with the new permission added, after the permission has been applied on the provider.
-
removeIpPermission
public SecurityGroup removeIpPermission(IpPermission ipPermission, SecurityGroup group)
Description copied from interface:SecurityGroupExtension
Remove a @{link IpPermission} from an existing @{link SecurityGroup}. Removes the permission from the security group on the provider.- Specified by:
removeIpPermission
in interfaceSecurityGroupExtension
group
- The SecurityGroup to remove the permission from.- Returns:
- The SecurityGroup with the permission removed, after the permission has been removed on the provider.
-
removeIpPermission
public SecurityGroup removeIpPermission(IpProtocol protocol, int startPort, int endPort, com.google.common.collect.Multimap<String,String> tenantIdGroupNamePairs, Iterable<String> ipRanges, Iterable<String> groupIds, SecurityGroup group)
Description copied from interface:SecurityGroupExtension
Remove a @{link IpPermission} from an existing @{link SecurityGroup}, based on the parameters given. Removes the permission from the security group on the provider.- Specified by:
removeIpPermission
in interfaceSecurityGroupExtension
- Parameters:
protocol
- The @{link IpProtocol} for the permission.startPort
- The first port in the range to be opened, or -1 for ICMP.endPort
- The last port in the range to be opened, or -1 for ICMP.tenantIdGroupNamePairs
- source of traffic allowed is on basis of another group in a tenant, as opposed to by cidripRanges
- An Iterable of Strings representing the IP range(s) the permission should allow.groupIds
- An Iterable of @{link SecurityGroup} IDs this permission should allow.group
- The SecurityGroup to remove the permission from.- Returns:
- The SecurityGroup with the permission removed, after the permission has been removed from the provider.
-
supportsTenantIdGroupNamePairs
public boolean supportsTenantIdGroupNamePairs()
Description copied from interface:SecurityGroupExtension
Returns true if this SecurityGroupExtension supports tenant ID + group name pairs.- Specified by:
supportsTenantIdGroupNamePairs
in interfaceSecurityGroupExtension
-
supportsTenantIdGroupIdPairs
public boolean supportsTenantIdGroupIdPairs()
Description copied from interface:SecurityGroupExtension
Returns true if this SecurityGroupExtension supports tenant ID + group ID pairs.- Specified by:
supportsTenantIdGroupIdPairs
in interfaceSecurityGroupExtension
-
supportsGroupIds
public boolean supportsGroupIds()
Description copied from interface:SecurityGroupExtension
Returns true if this SecurityGroupExtension supports group IDs.- Specified by:
supportsGroupIds
in interfaceSecurityGroupExtension
-
supportsPortRangesForGroups
public boolean supportsPortRangesForGroups()
Description copied from interface:SecurityGroupExtension
Returns true if this SecurityGroupExtension supports port ranges for group authorization.- Specified by:
supportsPortRangesForGroups
in interfaceSecurityGroupExtension
-
supportsExclusionCidrBlocks
public boolean supportsExclusionCidrBlocks()
Description copied from interface:SecurityGroupExtension
Returns true if this SecurityGroupExtension supports exclusion CIDR groups.- Specified by:
supportsExclusionCidrBlocks
in interfaceSecurityGroupExtension
-
pollSecurityGroups
protected Iterable<? extends SecurityGroup> pollSecurityGroups()
-
pollSecurityGroupsByRegion
protected Iterable<? extends SecurityGroup> pollSecurityGroupsByRegion(String region)
-
allSecurityGroupsInRegion
protected com.google.common.base.Function<String,Set<? extends SecurityGroup>> allSecurityGroupsInRegion()
-
-