public static void createSecurityGroup(AmazonEC2 ec2, String securityGroup) {
List<SecurityGroup> secGroupList = ec2.describeSecurityGroups().getSecurityGroups();
for (SecurityGroup secGroup : secGroupList) {
// System.out.println(secGroup.getGroupName());
if (securityGroup.equalsIgnoreCase(secGroup.getGroupName())) {
System.out.println("Using Security Group " + securityGroup);
return;
}
}
CreateSecurityGroupRequest createSecurityGroupRequest = new CreateSecurityGroupRequest();
createSecurityGroupRequest
.withGroupName(securityGroup)
.withDescription("My Java Security Group");
CreateSecurityGroupResult createSecurityGroupResult =
ec2.createSecurityGroup(createSecurityGroupRequest);
// SSH
IpPermission ipPermission1 = new IpPermission();
ipPermission1.withIpRanges("0.0.0.0/0").withIpProtocol("tcp").withFromPort(22).withToPort(22);
// http
IpPermission ipPermission2 = new IpPermission();
ipPermission2.withIpRanges("0.0.0.0/0").withIpProtocol("tcp").withFromPort(80).withToPort(80);
// https
IpPermission ipPermission3 = new IpPermission();
ipPermission3.withIpRanges("0.0.0.0/0").withIpProtocol("tcp").withFromPort(443).withToPort(443);
// tcp
IpPermission ipPermission4 = new IpPermission();
ipPermission4
.withIpRanges("0.0.0.0/0")
.withIpProtocol("tcp")
.withFromPort(65535)
.withToPort(65535);
// telnet
IpPermission ipPermission5 = new IpPermission();
ipPermission5.withIpRanges("0.0.0.0/0").withIpProtocol("tcp").withFromPort(23).withToPort(23);
List<IpPermission> permissions = new ArrayList<IpPermission>();
permissions.add(ipPermission1);
permissions.add(ipPermission2);
permissions.add(ipPermission3);
permissions.add(ipPermission4);
permissions.add(ipPermission5);
AuthorizeSecurityGroupIngressRequest authorizeSecurityGroupIngressRequest =
new AuthorizeSecurityGroupIngressRequest();
authorizeSecurityGroupIngressRequest
.withGroupName(securityGroup)
.withIpPermissions(permissions);
ec2.authorizeSecurityGroupIngress(authorizeSecurityGroupIngressRequest);
System.out.println("Created Security Group " + securityGroup);
}
public static void addSecurityGroup(String groupName) {
CreateSecurityGroupRequest csgr = new CreateSecurityGroupRequest();
csgr.withGroupName(groupName).withDescription("Allow on all ports");
ec2.createSecurityGroup(csgr);
IpPermission ipPermission = new IpPermission();
ipPermission.withIpRanges("0.0.0.0/0").withIpProtocol("tcp").withFromPort(0).withToPort(65535);
AuthorizeSecurityGroupIngressRequest incoming = new AuthorizeSecurityGroupIngressRequest();
incoming.withGroupName(groupName).withIpPermissions(ipPermission);
ec2.authorizeSecurityGroupIngress(incoming);
System.out.println("Security Group " + groupName + " added");
}
/**
* Perform operations necessary to complete a full integration test.
*
* @return: String groupId
*/
public String integrationTest(AmazonEC2Client computeClient)
throws AmazonServiceException, AmazonClientException {
final String suffix = UUID.randomUUID().toString().substring(0, 8);
final String groupName = this.getTestGroupName(suffix);
final String groupDescription = this.getTestGoupDescription(suffix);
CreateSecurityGroupResult createResult = null;
final com.amazonaws.services.ec2.model.CreateSecurityGroupRequest ec2request =
new com.amazonaws.services.ec2.model.CreateSecurityGroupRequest();
ec2request.setGroupName(groupName);
ec2request.setDescription(groupDescription);
logger.info("Creating Security Group");
createResult = computeClient.createSecurityGroup(ec2request);
mSecurityGroups.add(groupName);
final String groupId = createResult.getGroupId();
assertNotNull("Expect a group id.", groupId);
return groupId;
}
