Class NovaSecurityGroupExtension
java.lang.Object
org.jclouds.openstack.nova.v2_0.compute.extensions.NovaSecurityGroupExtension
- All Implemented Interfaces:
SecurityGroupExtension
An extension to compute service to allow for the manipulation of
SecurityGroups. Implementation
is optional by providers.-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected final NovaApiprotected final com.google.common.base.Function<SecurityGroupInRegion, SecurityGroup> protected final com.google.common.cache.LoadingCache<RegionAndName, SecurityGroup> protected final GroupNamingConvention.Factoryprotected final com.google.common.util.concurrent.ListeningExecutorService -
Constructor Summary
ConstructorsConstructorDescriptionNovaSecurityGroupExtension(NovaApi api, com.google.common.util.concurrent.ListeningExecutorService userExecutor, com.google.common.base.Supplier<Set<String>> regionIds, com.google.common.base.Function<SecurityGroupInRegion, SecurityGroup> groupConverter, com.google.common.cache.LoadingCache<RegionAndName, SecurityGroup> groupCreator, GroupNamingConvention.Factory namingConvention) -
Method Summary
Modifier and TypeMethodDescriptionaddIpPermission(IpPermission ipPermission, SecurityGroup group) Add a @{link IpPermission} to an existing @{link SecurityGroup}.addIpPermission(IpProtocol protocol, int startPort, int endPort, com.google.common.collect.Multimap<String, String> tenantIdGroupNamePairs, Iterable<String> ipRanges, Iterable<String> groupIds, SecurityGroup group) Add a @{link IpPermission} to an existing @{link SecurityGroup}, based on the parameters given.protected com.google.common.base.Function<String, Set<? extends SecurityGroupInRegion>> createSecurityGroup(String name, String region) createSecurityGroup(String name, Location location) Create a new @{link SecurityGroup} from the parameters given.Get a security group by id.protected com.google.common.base.Function<SecurityGroup, SecurityGroupInRegion> groupToGroupInRegion(Iterable<SecurityGroup> allGroups, String region) List security groups.List security groups for a given instance given the instance's ID.listSecurityGroupsInLocation(String region) listSecurityGroupsInLocation(Location location) List security groups in a given @{link Location}.protected Iterable<? extends SecurityGroupInRegion> protected Iterable<? extends SecurityGroupInRegion> pollSecurityGroupsByRegion(String region) removeIpPermission(IpPermission ipPermission, SecurityGroup group) Remove a @{link IpPermission} from an existing @{link SecurityGroup}.removeIpPermission(IpProtocol protocol, int startPort, int endPort, com.google.common.collect.Multimap<String, String> tenantIdGroupNamePairs, Iterable<String> ipRanges, Iterable<String> groupIds, SecurityGroup group) Remove a @{link IpPermission} from an existing @{link SecurityGroup}, based on the parameters given.booleanRemove an existing @{link SecurityGroup}, and its permissions.booleanReturns true if this SecurityGroupExtension supports exclusion CIDR groups.booleanReturns true if this SecurityGroupExtension supports group IDs.booleanReturns true if this SecurityGroupExtension supports port ranges for group authorization.booleanReturns true if this SecurityGroupExtension supports tenant ID + group ID pairs.booleanReturns true if this SecurityGroupExtension supports tenant ID + group name pairs.
-
Field Details
-
api
-
userExecutor
protected final com.google.common.util.concurrent.ListeningExecutorService userExecutor -
regionIds
-
groupConverter
-
groupCreator
-
namingConvention
-
-
Constructor Details
-
NovaSecurityGroupExtension
@Inject public NovaSecurityGroupExtension(NovaApi api, @Named("jclouds.user-threads") com.google.common.util.concurrent.ListeningExecutorService userExecutor, com.google.common.base.Supplier<Set<String>> regionIds, com.google.common.base.Function<SecurityGroupInRegion, SecurityGroup> groupConverter, com.google.common.cache.LoadingCache<RegionAndName, SecurityGroup> groupCreator, GroupNamingConvention.Factory namingConvention)
-
-
Method Details
-
listSecurityGroups
Description copied from interface:SecurityGroupExtensionList security groups.- Specified by:
listSecurityGroupsin interfaceSecurityGroupExtension- Returns:
- The set of @{link SecurityGroup}s we have access to.
-
listSecurityGroupsInLocation
Description copied from interface:SecurityGroupExtensionList security groups in a given @{link Location}.- Specified by:
listSecurityGroupsInLocationin interfaceSecurityGroupExtension- Returns:
- The set of @{link SecurityGroup}s we have access to in the given location.
-
listSecurityGroupsInLocation
-
listSecurityGroupsForNode
Description copied from interface:SecurityGroupExtensionList security groups for a given instance given the instance's ID.- Specified by:
listSecurityGroupsForNodein interfaceSecurityGroupExtension- Returns:
- The set of @{link SecurityGroup}s for the given instance..
-
getSecurityGroupById
Description copied from interface:SecurityGroupExtensionGet a security group by id.- Specified by:
getSecurityGroupByIdin interfaceSecurityGroupExtension- Returns:
- The @{link SecurityGroup}, if it exists.
-
createSecurityGroup
Description copied from interface:SecurityGroupExtensionCreate a new @{link SecurityGroup} from the parameters given.- Specified by:
createSecurityGroupin interfaceSecurityGroupExtension- Parameters:
name- The name of the security grouplocation- The @{link Location} of the security group- Returns:
- The SecurityGroup that has been created.
-
createSecurityGroup
-
removeSecurityGroup
Description copied from interface:SecurityGroupExtensionRemove an existing @{link SecurityGroup}, and its permissions.- Specified by:
removeSecurityGroupin interfaceSecurityGroupExtension- Parameters:
id- The id of the SecurityGroup to delete.- Returns:
- true if we were able to remove the group, false otherwise.
-
addIpPermission
Description copied from interface:SecurityGroupExtensionAdd a @{link IpPermission} to an existing @{link SecurityGroup}. Applies the permission to the security group on the provider.- Specified by:
addIpPermissionin interfaceSecurityGroupExtension- Parameters:
group- The SecurityGroup to add the permission to.- Returns:
- The SecurityGroup with the new permission added, after the permission has been applied on the provider.
-
addIpPermission
public SecurityGroup addIpPermission(IpProtocol protocol, int startPort, int endPort, com.google.common.collect.Multimap<String, String> tenantIdGroupNamePairs, Iterable<String> ipRanges, Iterable<String> groupIds, SecurityGroup group) Description copied from interface:SecurityGroupExtensionAdd a @{link IpPermission} to an existing @{link SecurityGroup}, based on the parameters given. Applies the permission to the security group on the provider.- Specified by:
addIpPermissionin interfaceSecurityGroupExtension- Parameters:
protocol- The @{link IpProtocol} for the permission.startPort- The first port in the range to be opened, or -1 for ICMP.endPort- The last port in the range to be opened, or -1 for ICMP.tenantIdGroupNamePairs- source of traffic allowed is on basis of another group in a tenant, as opposed to by cidripRanges- An Iterable of Strings representing the IP range(s) the permission should allow.groupIds- An Iterable of @{link SecurityGroup} IDs this permission should allow.group- The SecurityGroup to add the permission to.- Returns:
- The SecurityGroup with the new permission added, after the permission has been applied on the provider.
-
removeIpPermission
Description copied from interface:SecurityGroupExtensionRemove a @{link IpPermission} from an existing @{link SecurityGroup}. Removes the permission from the security group on the provider.- Specified by:
removeIpPermissionin interfaceSecurityGroupExtension- Parameters:
group- The SecurityGroup to remove the permission from.- Returns:
- The SecurityGroup with the permission removed, after the permission has been removed on the provider.
-
removeIpPermission
public SecurityGroup removeIpPermission(IpProtocol protocol, int startPort, int endPort, com.google.common.collect.Multimap<String, String> tenantIdGroupNamePairs, Iterable<String> ipRanges, Iterable<String> groupIds, SecurityGroup group) Description copied from interface:SecurityGroupExtensionRemove a @{link IpPermission} from an existing @{link SecurityGroup}, based on the parameters given. Removes the permission from the security group on the provider.- Specified by:
removeIpPermissionin interfaceSecurityGroupExtension- Parameters:
protocol- The @{link IpProtocol} for the permission.startPort- The first port in the range to be opened, or -1 for ICMP.endPort- The last port in the range to be opened, or -1 for ICMP.tenantIdGroupNamePairs- source of traffic allowed is on basis of another group in a tenant, as opposed to by cidripRanges- An Iterable of Strings representing the IP range(s) the permission should allow.groupIds- An Iterable of @{link SecurityGroup} IDs this permission should allow.group- The SecurityGroup to remove the permission from.- Returns:
- The SecurityGroup with the permission removed, after the permission has been removed from the provider.
-
supportsTenantIdGroupNamePairs
public boolean supportsTenantIdGroupNamePairs()Description copied from interface:SecurityGroupExtensionReturns true if this SecurityGroupExtension supports tenant ID + group name pairs.- Specified by:
supportsTenantIdGroupNamePairsin interfaceSecurityGroupExtension
-
supportsTenantIdGroupIdPairs
public boolean supportsTenantIdGroupIdPairs()Description copied from interface:SecurityGroupExtensionReturns true if this SecurityGroupExtension supports tenant ID + group ID pairs.- Specified by:
supportsTenantIdGroupIdPairsin interfaceSecurityGroupExtension
-
supportsGroupIds
public boolean supportsGroupIds()Description copied from interface:SecurityGroupExtensionReturns true if this SecurityGroupExtension supports group IDs.- Specified by:
supportsGroupIdsin interfaceSecurityGroupExtension
-
supportsPortRangesForGroups
public boolean supportsPortRangesForGroups()Description copied from interface:SecurityGroupExtensionReturns true if this SecurityGroupExtension supports port ranges for group authorization.- Specified by:
supportsPortRangesForGroupsin interfaceSecurityGroupExtension
-
supportsExclusionCidrBlocks
public boolean supportsExclusionCidrBlocks()Description copied from interface:SecurityGroupExtensionReturns true if this SecurityGroupExtension supports exclusion CIDR groups.- Specified by:
supportsExclusionCidrBlocksin interfaceSecurityGroupExtension
-
pollSecurityGroups
-
pollSecurityGroupsByRegion
-
allSecurityGroupsInRegion
protected com.google.common.base.Function<String,Set<? extends SecurityGroupInRegion>> allSecurityGroupsInRegion() -
groupToGroupInRegion
protected com.google.common.base.Function<SecurityGroup,SecurityGroupInRegion> groupToGroupInRegion(Iterable<SecurityGroup> allGroups, String region)
-