module Cumulus::SecurityGroups::Loader

Public: Load Security Group assets

Public Class Methods

groups()

Public: Load all the security group configurations as SecurityGroupConfig objects

Returns an array of SecurityGroupConfig

# File lib/security/loader/Loader.rb, line 20
# Public: Build a SecurityGroupConfig for every security group definition
# found under the groups directory.
#
# Each sub-directory name is looked up in EC2::named_vpcs; the files inside it
# become groups named "<vpc name>/<file name>" carrying that VPC's id. Files
# sitting directly in the groups directory become groups with a nil VPC id.
#
# Prints an error and exits with StatusCodes::EXCEPTION as soon as a
# sub-directory has no matching entry in EC2::named_vpcs.
#
# Returns an array of SecurityGroupConfig
def Loader.groups
  # Keep only real sub-directories; "." and ".." are never VPC names
  vpc_names = Dir.entries(@@groups_dir).select do |entry|
    next false if entry == "." || entry == ".."
    File.directory?(File.join(@@groups_dir, entry))
  end

  in_vpc = vpc_names.map do |vpc_name|
    vpc = EC2::named_vpcs[vpc_name]

    # An unknown VPC name stops the whole run rather than skipping the directory
    if vpc.nil?
      puts Colors.red("No VPC named #{vpc_name} exists")
      exit StatusCodes::EXCEPTION
    end

    vpc_path = File.join(@@groups_dir, vpc_name)
    Common::BaseLoader.resources(vpc_path) do |file_name, json|
      SecurityGroupConfig.new("#{vpc.name}/#{file_name}", vpc.vpc_id, json)
    end
  end
  in_vpc = in_vpc.flatten

  # Definitions outside any VPC directory get no VPC id
  classic = Common::BaseLoader.resources(@@groups_dir) do |file_name, json|
    SecurityGroupConfig.new(file_name, nil, json)
  end

  # Such definitions are dropped (with a notice) when EC2::supports_ec2_classic
  # is falsy, so they are never returned for that account
  classic_unsupported = !EC2::supports_ec2_classic
  if classic_unsupported && !classic.empty?
    puts "Ignoring Non-VPC Security Groups because your account does not support them"
    classic = []
  end

  in_vpc + classic
end
rule(rule_name)

Public: Load a single static rule

Returns the static rule as json

# File lib/security/loader/Loader.rb, line 53
# Public: Load a single static rule from the rules directory.
#
# rule_name - the name handed to Common::BaseLoader.resource to locate the rule
#
# Returns whatever the loader produces for the block, i.e. the parsed json
def Loader.rule(rule_name)
  Common::BaseLoader.resource(rule_name, @@rules_dir) do |_name, parsed|
    # The rule is returned as loaded; nothing is validated at this point
    parsed
  end
end
subnet_group(name)

Public: Get the local definition of a subnet group.

name - the name of the subnet group to get

Returns an array of ip addresses that is empty if there is no subnet group with that name

# File lib/security/loader/Loader.rb, line 62
# Public: Get the local definition of a subnet group.
#
# name - the name of the subnet group to get
#
# Returns the value stored for that name in the loaded subnet group hash.
# Raises RuntimeError ("Could not find subnet <name>") when the name is absent.
#
# NOTE(review): the published description says an empty array is returned for
# an unknown name; this implementation raises instead. Failing here means a
# misspelled group name cannot silently resolve to an empty address list.
def Loader.subnet_group(name)
  found = self.subnet_groups[name]
  raise "Could not find subnet #{name}" if found.nil?

  found
end

Private Class Methods

load_subnet_groups()

Internal: Load the subnet group definitions

Returns a hash that maps group name to an array of ips

# File lib/security/loader/Loader.rb, line 82
# Internal: Load the subnet group definitions from every configured file.
#
# Files for which the loader yields nothing (nil/false) are skipped.
# Because each file's hash is merged *under* the accumulated result, a name
# defined in more than one file keeps the value from the earliest file in
# @@subnet_files; the later duplicate is dropped without any message.
# (assumes each file parses to a Hash -- TODO confirm against BaseLoader)
#
# Returns a hash that maps group name to an array of ips
def Loader.load_subnet_groups
  @@subnet_files.reduce({}) do |merged, path|
    definitions = Common::BaseLoader.resource(path, "") { |_name, parsed| parsed }
    definitions ? definitions.merge(merged) : merged
  end
end
subnet_groups()

Internal: Get the subnet group definitions

Returns a hash that maps group name to an array of ips

# File lib/security/loader/Loader.rb, line 75
# Internal: Get the subnet group definitions, loading them on first use.
#
# The loaded hash is cached in @subnet_groups, so later calls reuse it and do
# not call load_subnet_groups again once a truthy result is stored.
#
# Returns a hash that maps group name to an array of ips
def Loader.subnet_groups
  return @subnet_groups if @subnet_groups

  @subnet_groups = self.load_subnet_groups
end