@return [Boolean] True if this is an egress permission
@return [Array] An array of security groups that have been
granted access with this permission.
@return [Array] An array of string CIDR ip addresses.
@return [Range] The port range (e.g. 80..80, 4000..4010, etc)
@return [Symbol] The protocol (:tcp, :udp, :icmp)
@return [SecurityGroup] The security group this permission is
authorized for.
@param protocol [:tcp, :udp, :icmp]
@param [Integer,Range<Integer>] ports A port or port range to allow.
@param [Hash] options
@option options [Array] :#ip_ranges An array of CIDR ip address
to grant permission to.
@option options [Array] :groups An array of SecurityGroup objects to
grant permission to.
@option options [Boolean] :egress (false) When true this IpPermission
is assumed to be an egress permission.
# File lib/aws/ec2/security_group/ip_permission.rb, line 36 def initialize security_group, protocol, ports, options = {} @security_group = security_group @protocol = protocol == '-1' ? :any : protocol.to_s.downcase.to_sym @ip_ranges = Array(options[:ip_ranges]) @groups = Array(options[:groups]) @egress = options[:egress] || false # not all egress permissions require port ranges, depends on the # protocol if ports @port_range = Array(ports).first.to_i..Array(ports).last.to_i end super end
@return [Boolean] Returns true if this is an egress permission.
# File lib/aws/ec2/security_group/ip_permission.rb, line 79 def egress? @egress ? true : false end
@return [Boolean] Returns true if the other IpPermission matches
this one.
# File lib/aws/ec2/security_group/ip_permission.rb, line 97 def eql? other other.is_a?(IpPermission) and other.security_group == security_group and other.protocol == protocol and other.port_range == port_range and other.ip_ranges.sort == ip_ranges.sort and other.groups.sort == groups.sort and other.egress? == egress? end
Revokes this permission from its security group. @return [IpPermission] Returns self
# File lib/aws/ec2/security_group/ip_permission.rb, line 91 def revoke update_sg(egress? ? :revoke_egress : :revoke_ingress) end
# File lib/aws/ec2/security_group/ip_permission.rb, line 109 def update_sg method sources = [] sources += ip_ranges sources += groups if egress? opts = {} opts[:protocol] = protocol opts[:ports] = port_range if port_range sources << opts security_group.send(method, *sources) else security_group.send(method, protocol, port_range, *sources) end self end