lib/fog/aws/requests/compute/describe_security_groups.rb
module Fog
module AWS
class Compute
class Real
require 'fog/aws/parsers/compute/describe_security_groups'
# Describe all or specified security groups
#
# ==== Parameters
# * filters<~Hash> - List of filters to limit results with
# * 'MaxResults'<~Integer> - The maximum number of results to return for the request in a single page
# * 'NextToken'<~String> - The token to retrieve the next page of results
#
# === Returns
# * response<~Excon::Response>:
# * body<~Hash>:
# * 'requestId'<~String> - Id of request
# * 'securityGroupInfo'<~Array>:
# * 'groupDescription'<~String> - Description of security group
# * 'groupId'<~String> - ID of the security group.
# * 'groupName'<~String> - Name of security group
# * 'ipPermissions'<~Array>:
# * 'fromPort'<~Integer> - Start of port range (or -1 for ICMP wildcard)
# * 'groups'<~Array>:
# * 'groupName'<~String> - Name of security group
# * 'userId'<~String> - AWS User Id of account
# * 'ipProtocol'<~String> - Ip protocol, must be in ['tcp', 'udp', 'icmp']
# * 'ipRanges'<~Array>:
# * 'cidrIp'<~String> - CIDR range
# * 'ipv6Ranges'<~Array>:
# * 'cidrIpv6'<~String> - CIDR ipv6 range
# * 'toPort'<~Integer> - End of port range (or -1 for ICMP wildcard)
# * 'ownerId'<~String> - AWS Access Key Id of the owner of the security group
# * 'NextToken'<~String> - The token to retrieve the next page of results
#
# {Amazon API Reference}[http://docs.amazonwebservices.com/AWSEC2/latest/APIReference/ApiReference-query-DescribeSecurityGroups.html]
def describe_security_groups(filters = {})
unless filters.is_a?(Hash)
Fog::Logger.deprecation("describe_security_groups with #{filters.class} param is deprecated, use describe_security_groups('group-name' => []) instead [light_black](#{caller.first})[/]")
filters = {'group-name' => [*filters]}
end
options = {}
for key in %w[MaxResults NextToken]
if filters.is_a?(Hash) && filters.key?(key)
options[key] = filters.delete(key)
end
end
params = Fog::AWS.indexed_filters(filters).merge!(options)
request({
'Action' => 'DescribeSecurityGroups',
:idempotent => true,
:parser => Fog::Parsers::AWS::Compute::DescribeSecurityGroups.new
}.merge!(params))
end
end
class Mock
def describe_security_groups(filters = {})
unless filters.is_a?(Hash)
Fog::Logger.deprecation("describe_security_groups with #{filters.class} param is deprecated, use describe_security_groups('group-name' => []) instead [light_black](#{caller.first})[/]")
filters = {'group-name' => [*filters]}
end
response = Excon::Response.new
security_group_info = self.data[:security_groups].reject { |k,v| k['amazon-elb-sg'] }.values
aliases = {
'description' => 'groupDescription',
'group-name' => 'groupName',
'group-id' => 'groupId',
'owner-id' => 'ownerId'
}
permission_aliases = {
'cidr' => 'cidrIp',
'from-port' => 'fromPort',
'protocol' => 'ipProtocol',
'to-port' => 'toPort'
}
security_group_groups = lambda do |security_group|
(security_group['ipPermissions'] || []).map do |permission|
permission['groups']
end.flatten.compact.uniq
end
for filter_key, filter_value in filters
if permission_key = filter_key.split('ip-permission.')[1]
if permission_key == 'group-name'
security_group_info = security_group_info.reject do |security_group|
!security_group_groups.call(security_group).find do |group|
[*filter_value].include?(group['groupName'])
end
end
elsif permission_key == 'group-id'
security_group_info = security_group_info.reject do |security_group|
!security_group_groups.call(security_group).find do |group|
[*filter_value].include?(group['groupId'])
end
end
elsif permission_key == 'user-id'
security_group_info = security_group_info.reject do |security_group|
!security_group_groups.call(security_group).find do |group|
[*filter_value].include?(group['userId'])
end
end
else
aliased_key = permission_aliases[filter_key]
security_group_info = security_group_info.reject do |security_group|
!security_group['ipPermissions'].find do |permission|
[*filter_value].include?(permission[aliased_key])
end
end
end
else
aliased_key = aliases[filter_key]
security_group_info = security_group_info.reject do |security_group|
![*filter_value].include?(security_group[aliased_key])
end
end
end
response.status = 200
response.body = {
'requestId' => Fog::AWS::Mock.request_id,
'securityGroupInfo' => security_group_info
}
response
end
end
end
end
end