Package org.jclouds.ec2.compute.extensions

Class EC2SecurityGroupExtension

java.lang.Object

org.jclouds.ec2.compute.extensions.EC2SecurityGroupExtension

All Implemented Interfaces:

SecurityGroupExtension

Direct Known Subclasses:

AWSEC2SecurityGroupExtension

public class EC2SecurityGroupExtension
extends Object
implements SecurityGroupExtension

An extension to compute service to allow for the manipulation of SecurityGroups. Implementation is optional by providers.

Field Summary

Fields

Modifier and Type	Field	Description
protected final EC2Api	client
protected final com.google.common.base.Function<SecurityGroup,SecurityGroup>	groupConverter
protected final com.google.common.cache.LoadingCache<RegionAndName,String>	groupCreator
protected final com.google.common.base.Supplier<Set<? extends Location>>	locations
protected final GroupNamingConvention.Factory	namingConvention
protected final com.google.common.base.Supplier<Set<String>>	regions
protected final com.google.common.util.concurrent.ListeningExecutorService	userExecutor

Constructor Summary

Constructors

Constructor

Description

EC2SecurityGroupExtension(EC2Api client, com.google.common.util.concurrent.ListeningExecutorService userExecutor, com.google.common.base.Supplier<Set<String>> regions, com.google.common.base.Function<SecurityGroup,SecurityGroup> groupConverter, com.google.common.base.Supplier<Set<? extends Location>> locations, com.google.common.cache.LoadingCache<RegionAndName,String> groupCreator, GroupNamingConvention.Factory namingConvention)

Method Summary

Modifier and Type	Method	Description
SecurityGroup	addIpPermission(IpPermission ipPermission, SecurityGroup group)	Add a @{link IpPermission} to an existing @{link SecurityGroup}.
SecurityGroup	addIpPermission(IpProtocol protocol, int startPort, int endPort, com.google.common.collect.Multimap<String,String> tenantIdGroupNamePairs, Iterable<String> ipRanges, Iterable<String> groupIds, SecurityGroup group)	Add a @{link IpPermission} to an existing @{link SecurityGroup}, based on the parameters given.
protected com.google.common.base.Function<String,Set<? extends SecurityGroup>>	allSecurityGroupsInRegion()
SecurityGroup	createSecurityGroup(String name, String region)
SecurityGroup	createSecurityGroup(String name, Location location)	Create a new @{link SecurityGroup} from the parameters given.
protected Location	findLocationWithId(String locationId)
SecurityGroup	getSecurityGroupById(String id)	Get a security group by id.
Set<SecurityGroup>	listSecurityGroups()	List security groups.
Set<SecurityGroup>	listSecurityGroupsForNode(String id)	List security groups for a given instance given the instance's ID.
Set<SecurityGroup>	listSecurityGroupsInLocation(String region)
Set<SecurityGroup>	listSecurityGroupsInLocation(Location location)	List security groups in a given @{link Location}.
protected Iterable<? extends SecurityGroup>	pollSecurityGroups()
protected Iterable<? extends SecurityGroup>	pollSecurityGroupsByRegion(String region)
SecurityGroup	removeIpPermission(IpPermission ipPermission, SecurityGroup group)	Remove a @{link IpPermission} from an existing @{link SecurityGroup}.
SecurityGroup	removeIpPermission(IpProtocol protocol, int startPort, int endPort, com.google.common.collect.Multimap<String,String> tenantIdGroupNamePairs, Iterable<String> ipRanges, Iterable<String> groupIds, SecurityGroup group)	Remove a @{link IpPermission} from an existing @{link SecurityGroup}, based on the parameters given.
boolean	removeSecurityGroup(String id)	Remove an existing @{link SecurityGroup}, and its permissions.
boolean	supportsExclusionCidrBlocks()	Returns true if this SecurityGroupExtension supports exclusion CIDR groups.
boolean	supportsGroupIds()	Returns true if this SecurityGroupExtension supports group IDs.
boolean	supportsPortRangesForGroups()	Returns true if this SecurityGroupExtension supports port ranges for group authorization.
boolean	supportsTenantIdGroupIdPairs()	Returns true if this SecurityGroupExtension supports tenant ID + group ID pairs.
boolean	supportsTenantIdGroupNamePairs()	Returns true if this SecurityGroupExtension supports tenant ID + group name pairs.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

client

protected final EC2Api client

userExecutor

protected final com.google.common.util.concurrent.ListeningExecutorService userExecutor

regions

protected final com.google.common.base.Supplier<Set<String>> regions

groupConverter

protected final com.google.common.base.Function<SecurityGroup,SecurityGroup> groupConverter

locations

protected final com.google.common.base.Supplier<Set<? extends Location>> locations

groupCreator

protected final com.google.common.cache.LoadingCache<RegionAndName,String> groupCreator

namingConvention

protected final GroupNamingConvention.Factory namingConvention

Constructor Details

EC2SecurityGroupExtension

@Inject
public EC2SecurityGroupExtension(EC2Api client,
 @Named("jclouds.user-threads")
 com.google.common.util.concurrent.ListeningExecutorService userExecutor,
 com.google.common.base.Supplier<Set<String>> regions,
 com.google.common.base.Function<SecurityGroup,SecurityGroup> groupConverter,
 com.google.common.base.Supplier<Set<? extends Location>> locations,
 @Named("SECURITY")
 com.google.common.cache.LoadingCache<RegionAndName,String> groupCreator,
 GroupNamingConvention.Factory namingConvention)

Method Details

listSecurityGroups

public Set<SecurityGroup> listSecurityGroups()

Description copied from interface: SecurityGroupExtension

List security groups.

Specified by:

listSecurityGroups in interface SecurityGroupExtension

Returns:

The set of @{link SecurityGroup}s we have access to.

listSecurityGroupsInLocation

public Set<SecurityGroup> listSecurityGroupsInLocation(Location location)

Description copied from interface: SecurityGroupExtension

List security groups in a given @{link Location}.

Specified by:

listSecurityGroupsInLocation in interface SecurityGroupExtension

Returns:

The set of @{link SecurityGroup}s we have access to in the given location.

listSecurityGroupsInLocation

public Set<SecurityGroup> listSecurityGroupsInLocation(String region)

listSecurityGroupsForNode

public Set<SecurityGroup> listSecurityGroupsForNode(String id)

Description copied from interface: SecurityGroupExtension

List security groups for a given instance given the instance's ID.

Specified by:

listSecurityGroupsForNode in interface SecurityGroupExtension

Returns:

The set of @{link SecurityGroup}s for the given instance..

getSecurityGroupById

public SecurityGroup getSecurityGroupById(String id)

Description copied from interface: SecurityGroupExtension

Get a security group by id.

Specified by:

getSecurityGroupById in interface SecurityGroupExtension

Returns:

The @{link SecurityGroup}, if it exists.

createSecurityGroup

public SecurityGroup createSecurityGroup(String name,
 Location location)

Description copied from interface: SecurityGroupExtension

Create a new @{link SecurityGroup} from the parameters given.

Specified by:

createSecurityGroup in interface SecurityGroupExtension

Parameters:

name - The name of the security group

location - The @{link Location} of the security group

Returns:

The SecurityGroup that has been created.

createSecurityGroup

public SecurityGroup createSecurityGroup(String name,
 String region)

removeSecurityGroup

public boolean removeSecurityGroup(String id)

Description copied from interface: SecurityGroupExtension

Remove an existing @{link SecurityGroup}, and its permissions.

Specified by:

removeSecurityGroup in interface SecurityGroupExtension

Parameters:

id - The id of the SecurityGroup to delete.

Returns:

true if we were able to remove the group, false otherwise.

addIpPermission

public SecurityGroup addIpPermission(IpPermission ipPermission,
 SecurityGroup group)

Description copied from interface: SecurityGroupExtension

Add a @{link IpPermission} to an existing @{link SecurityGroup}. Applies the permission to the security group on the provider.

Specified by:

addIpPermission in interface SecurityGroupExtension

Parameters:

group - The SecurityGroup to add the permission to.

Returns:

The SecurityGroup with the new permission added, after the permission has been applied on the provider.

addIpPermission

public SecurityGroup addIpPermission(IpProtocol protocol,
 int startPort,
 int endPort,
 com.google.common.collect.Multimap<String,String> tenantIdGroupNamePairs,
 Iterable<String> ipRanges,
 Iterable<String> groupIds,
 SecurityGroup group)

Description copied from interface: SecurityGroupExtension

Add a @{link IpPermission} to an existing @{link SecurityGroup}, based on the parameters given. Applies the permission to the security group on the provider.

Specified by:

addIpPermission in interface SecurityGroupExtension

Parameters:

protocol - The @{link IpProtocol} for the permission.

startPort - The first port in the range to be opened, or -1 for ICMP.

endPort - The last port in the range to be opened, or -1 for ICMP.

tenantIdGroupNamePairs - source of traffic allowed is on basis of another group in a tenant, as opposed to by cidr

ipRanges - An Iterable of Strings representing the IP range(s) the permission should allow.

groupIds - An Iterable of @{link SecurityGroup} IDs this permission should allow.

group - The SecurityGroup to add the permission to.

Returns:

The SecurityGroup with the new permission added, after the permission has been applied on the provider.

removeIpPermission

public SecurityGroup removeIpPermission(IpPermission ipPermission,
 SecurityGroup group)

Description copied from interface: SecurityGroupExtension

Remove a @{link IpPermission} from an existing @{link SecurityGroup}. Removes the permission from the security group on the provider.

Specified by:

removeIpPermission in interface SecurityGroupExtension

Parameters:

group - The SecurityGroup to remove the permission from.

Returns:

The SecurityGroup with the permission removed, after the permission has been removed on the provider.

removeIpPermission

public SecurityGroup removeIpPermission(IpProtocol protocol,
 int startPort,
 int endPort,
 com.google.common.collect.Multimap<String,String> tenantIdGroupNamePairs,
 Iterable<String> ipRanges,
 Iterable<String> groupIds,
 SecurityGroup group)

Description copied from interface: SecurityGroupExtension

Remove a @{link IpPermission} from an existing @{link SecurityGroup}, based on the parameters given. Removes the permission from the security group on the provider.

Specified by:

removeIpPermission in interface SecurityGroupExtension

Parameters:

protocol - The @{link IpProtocol} for the permission.

startPort - The first port in the range to be opened, or -1 for ICMP.

endPort - The last port in the range to be opened, or -1 for ICMP.

tenantIdGroupNamePairs - source of traffic allowed is on basis of another group in a tenant, as opposed to by cidr

ipRanges - An Iterable of Strings representing the IP range(s) the permission should allow.

groupIds - An Iterable of @{link SecurityGroup} IDs this permission should allow.

group - The SecurityGroup to remove the permission from.

Returns:

The SecurityGroup with the permission removed, after the permission has been removed from the provider.

supportsTenantIdGroupNamePairs

public boolean supportsTenantIdGroupNamePairs()

Description copied from interface: SecurityGroupExtension

Returns true if this SecurityGroupExtension supports tenant ID + group name pairs.

Specified by:

supportsTenantIdGroupNamePairs in interface SecurityGroupExtension

supportsTenantIdGroupIdPairs

public boolean supportsTenantIdGroupIdPairs()

Description copied from interface: SecurityGroupExtension

Returns true if this SecurityGroupExtension supports tenant ID + group ID pairs.

Specified by:

supportsTenantIdGroupIdPairs in interface SecurityGroupExtension

supportsGroupIds

public boolean supportsGroupIds()

Description copied from interface: SecurityGroupExtension

Returns true if this SecurityGroupExtension supports group IDs.

Specified by:

supportsGroupIds in interface SecurityGroupExtension

supportsPortRangesForGroups

public boolean supportsPortRangesForGroups()

Description copied from interface: SecurityGroupExtension

Returns true if this SecurityGroupExtension supports port ranges for group authorization.

Specified by:

supportsPortRangesForGroups in interface SecurityGroupExtension

supportsExclusionCidrBlocks

public boolean supportsExclusionCidrBlocks()

Description copied from interface: SecurityGroupExtension

Returns true if this SecurityGroupExtension supports exclusion CIDR groups.

Specified by:

supportsExclusionCidrBlocks in interface SecurityGroupExtension

pollSecurityGroups

protected Iterable<? extends SecurityGroup> pollSecurityGroups()

pollSecurityGroupsByRegion

protected Iterable<? extends SecurityGroup> pollSecurityGroupsByRegion(String region)

allSecurityGroupsInRegion

protected com.google.common.base.Function<String,Set<? extends SecurityGroup>> allSecurityGroupsInRegion()

findLocationWithId

protected Location findLocationWithId(String locationId)