Package org.jclouds.aws.ec2.compute.extensions

Class AWSEC2SecurityGroupExtension

java.lang.Object

org.jclouds.ec2.compute.extensions.EC2SecurityGroupExtension

org.jclouds.aws.ec2.compute.extensions.AWSEC2SecurityGroupExtension

All Implemented Interfaces:

SecurityGroupExtension

public class AWSEC2SecurityGroupExtension
extends EC2SecurityGroupExtension

An extension to compute service to allow for the manipulation of SecurityGroups. Implementation is optional by providers.

Field Summary

Fields

Modifier and Type	Field	Description
protected final AWSEC2Api	client
protected final com.google.common.base.Function<String,String>	groupNameToId

Fields inherited from class org.jclouds.ec2.compute.extensions.EC2SecurityGroupExtension

groupConverter, groupCreator, locations, namingConvention, regions, userExecutor

Constructor Summary

Constructors

Constructor

Description

AWSEC2SecurityGroupExtension(AWSEC2Api client, com.google.common.util.concurrent.ListeningExecutorService userExecutor, com.google.common.base.Supplier<Set<String>> regions, com.google.common.base.Function<SecurityGroup,SecurityGroup> groupConverter, com.google.common.base.Supplier<Set<? extends Location>> locations, com.google.common.cache.LoadingCache<RegionAndName,String> groupCreator, GroupNamingConvention.Factory namingConvention, com.google.common.base.Function<String,String> groupNameToId)

Method Summary

Modifier and Type	Method	Description
SecurityGroup	addIpPermission(IpPermission ipPermission, SecurityGroup group)	Add a @{link IpPermission} to an existing @{link SecurityGroup}.
SecurityGroup	addIpPermission(IpProtocol protocol, int startPort, int endPort, com.google.common.collect.Multimap<String,String> tenantIdGroupNamePairs, Iterable<String> ipRanges, Iterable<String> groupIds, SecurityGroup group)	Add a @{link IpPermission} to an existing @{link SecurityGroup}, based on the parameters given.
SecurityGroup	createSecurityGroup(String name, String region)
SecurityGroup	getSecurityGroupById(String id)	Get a security group by id.
SecurityGroup	removeIpPermission(IpPermission ipPermission, SecurityGroup group)	Remove a @{link IpPermission} from an existing @{link SecurityGroup}.
SecurityGroup	removeIpPermission(IpProtocol protocol, int startPort, int endPort, com.google.common.collect.Multimap<String,String> tenantIdGroupNamePairs, Iterable<String> ipRanges, Iterable<String> groupIds, SecurityGroup group)	Remove a @{link IpPermission} from an existing @{link SecurityGroup}, based on the parameters given.
boolean	removeSecurityGroup(String id)	Remove an existing @{link SecurityGroup}, and its permissions.
boolean	supportsTenantIdGroupIdPairs()	Returns true if this SecurityGroupExtension supports tenant ID + group ID pairs.
boolean	supportsTenantIdGroupNamePairs()	Returns true if this SecurityGroupExtension supports tenant ID + group name pairs.

Methods inherited from class org.jclouds.ec2.compute.extensions.EC2SecurityGroupExtension

allSecurityGroupsInRegion, createSecurityGroup, findLocationWithId, listSecurityGroups, listSecurityGroupsForNode, listSecurityGroupsInLocation, listSecurityGroupsInLocation, pollSecurityGroups, pollSecurityGroupsByRegion, supportsExclusionCidrBlocks, supportsGroupIds, supportsPortRangesForGroups

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

client

protected final AWSEC2Api client

groupNameToId

protected final com.google.common.base.Function<String,String> groupNameToId

Constructor Details

AWSEC2SecurityGroupExtension

@Inject
public AWSEC2SecurityGroupExtension(AWSEC2Api client,
 @Named("jclouds.user-threads")
 com.google.common.util.concurrent.ListeningExecutorService userExecutor,
 com.google.common.base.Supplier<Set<String>> regions,
 com.google.common.base.Function<SecurityGroup,SecurityGroup> groupConverter,
 com.google.common.base.Supplier<Set<? extends Location>> locations,
 @Named("SECURITY")
 com.google.common.cache.LoadingCache<RegionAndName,String> groupCreator,
 GroupNamingConvention.Factory namingConvention,
 @Named("SECGROUP_NAME_TO_ID")
 com.google.common.base.Function<String,String> groupNameToId)

Method Details

createSecurityGroup

public SecurityGroup createSecurityGroup(String name,
 String region)

Overrides:

createSecurityGroup in class EC2SecurityGroupExtension

getSecurityGroupById

public SecurityGroup getSecurityGroupById(String id)

Description copied from interface: SecurityGroupExtension

Get a security group by id.

Specified by:

getSecurityGroupById in interface SecurityGroupExtension

Overrides:

getSecurityGroupById in class EC2SecurityGroupExtension

Returns:

The @{link SecurityGroup}, if it exists.

removeSecurityGroup

public boolean removeSecurityGroup(String id)

Description copied from interface: SecurityGroupExtension

Remove an existing @{link SecurityGroup}, and its permissions.

Specified by:

removeSecurityGroup in interface SecurityGroupExtension

Overrides:

removeSecurityGroup in class EC2SecurityGroupExtension

Parameters:

id - The id of the SecurityGroup to delete.

Returns:

true if we were able to remove the group, false otherwise.

addIpPermission

public SecurityGroup addIpPermission(IpPermission ipPermission,
 SecurityGroup group)

Description copied from interface: SecurityGroupExtension

Add a @{link IpPermission} to an existing @{link SecurityGroup}. Applies the permission to the security group on the provider.

Specified by:

addIpPermission in interface SecurityGroupExtension

Overrides:

addIpPermission in class EC2SecurityGroupExtension

Parameters:

group - The SecurityGroup to add the permission to.

Returns:

The SecurityGroup with the new permission added, after the permission has been applied on the provider.

addIpPermission

public SecurityGroup addIpPermission(IpProtocol protocol,
 int startPort,
 int endPort,
 com.google.common.collect.Multimap<String,String> tenantIdGroupNamePairs,
 Iterable<String> ipRanges,
 Iterable<String> groupIds,
 SecurityGroup group)

Description copied from interface: SecurityGroupExtension

Add a @{link IpPermission} to an existing @{link SecurityGroup}, based on the parameters given. Applies the permission to the security group on the provider.

Specified by:

addIpPermission in interface SecurityGroupExtension

Overrides:

addIpPermission in class EC2SecurityGroupExtension

Parameters:

protocol - The @{link IpProtocol} for the permission.

startPort - The first port in the range to be opened, or -1 for ICMP.

endPort - The last port in the range to be opened, or -1 for ICMP.

tenantIdGroupNamePairs - source of traffic allowed is on basis of another group in a tenant, as opposed to by cidr

ipRanges - An Iterable of Strings representing the IP range(s) the permission should allow.

groupIds - An Iterable of @{link SecurityGroup} IDs this permission should allow.

group - The SecurityGroup to add the permission to.

Returns:

The SecurityGroup with the new permission added, after the permission has been applied on the provider.

removeIpPermission

public SecurityGroup removeIpPermission(IpPermission ipPermission,
 SecurityGroup group)

Description copied from interface: SecurityGroupExtension

Remove a @{link IpPermission} from an existing @{link SecurityGroup}. Removes the permission from the security group on the provider.

Specified by:

removeIpPermission in interface SecurityGroupExtension

Overrides:

removeIpPermission in class EC2SecurityGroupExtension

Parameters:

group - The SecurityGroup to remove the permission from.

Returns:

The SecurityGroup with the permission removed, after the permission has been removed on the provider.

removeIpPermission

public SecurityGroup removeIpPermission(IpProtocol protocol,
 int startPort,
 int endPort,
 com.google.common.collect.Multimap<String,String> tenantIdGroupNamePairs,
 Iterable<String> ipRanges,
 Iterable<String> groupIds,
 SecurityGroup group)

Description copied from interface: SecurityGroupExtension

Remove a @{link IpPermission} from an existing @{link SecurityGroup}, based on the parameters given. Removes the permission from the security group on the provider.

Specified by:

removeIpPermission in interface SecurityGroupExtension

Overrides:

removeIpPermission in class EC2SecurityGroupExtension

Parameters:

protocol - The @{link IpProtocol} for the permission.

startPort - The first port in the range to be opened, or -1 for ICMP.

endPort - The last port in the range to be opened, or -1 for ICMP.

tenantIdGroupNamePairs - source of traffic allowed is on basis of another group in a tenant, as opposed to by cidr

ipRanges - An Iterable of Strings representing the IP range(s) the permission should allow.

groupIds - An Iterable of @{link SecurityGroup} IDs this permission should allow.

group - The SecurityGroup to remove the permission from.

Returns:

The SecurityGroup with the permission removed, after the permission has been removed from the provider.

supportsTenantIdGroupNamePairs

public boolean supportsTenantIdGroupNamePairs()

Description copied from interface: SecurityGroupExtension

Returns true if this SecurityGroupExtension supports tenant ID + group name pairs.

Specified by:

supportsTenantIdGroupNamePairs in interface SecurityGroupExtension

Overrides:

supportsTenantIdGroupNamePairs in class EC2SecurityGroupExtension

supportsTenantIdGroupIdPairs

public boolean supportsTenantIdGroupIdPairs()

Description copied from interface: SecurityGroupExtension

Returns true if this SecurityGroupExtension supports tenant ID + group ID pairs.

Specified by:

supportsTenantIdGroupIdPairs in interface SecurityGroupExtension

Overrides:

supportsTenantIdGroupIdPairs in class EC2SecurityGroupExtension