/**
 * Makes sure a security group with the given name exists, creating it when absent.
 *
 * <p>If {@code describeSecurityGroups()} already returns a group whose name matches
 * {@code securityGroup} (case-insensitively), that group is reused untouched: its
 * current rules are neither inspected nor changed. Otherwise a new group is created
 * and five single-port TCP ingress rules are authorized on it.
 *
 * <p>NOTE(review): every rule uses the source range {@code 0.0.0.0/0}, so SSH (22)
 * and telnet (23) are accepted from any IPv4 address. Telnet carries credentials in
 * cleartext. Before using this outside a throwaway lab, narrow the CIDR to known
 * administrative ranges and drop the ports that are not needed.
 *
 * @param ec2 client used for the describe, create and authorize calls
 * @param securityGroup name of the group to look up or create
 */
public static void createSecurityGroup(AmazonEC2 ec2, String securityGroup) {
    // Reuse a group that already carries this name instead of creating a duplicate.
    for (SecurityGroup existing : ec2.describeSecurityGroups().getSecurityGroups()) {
        if (securityGroup.equalsIgnoreCase(existing.getGroupName())) {
            System.out.println("Using Security Group " + securityGroup);
            return;
        }
    }

    CreateSecurityGroupRequest createRequest =
        new CreateSecurityGroupRequest()
            .withGroupName(securityGroup)
            .withDescription("My Java Security Group");
    ec2.createSecurityGroup(createRequest);

    // Ports opened to the world, in the order the rules are submitted.
    int[] openTcpPorts = {
        22,    // SSH
        80,    // HTTP
        443,   // HTTPS
        65535, // labelled only "tcp" by the author; purpose not stated -- TODO confirm it is needed
        23     // telnet (cleartext protocol)
    };

    List<IpPermission> ingressRules = new ArrayList<IpPermission>();
    for (int port : openTcpPorts) {
        // One rule per port: from == to, protocol tcp, source is any IPv4 address.
        ingressRules.add(
            new IpPermission()
                .withIpRanges("0.0.0.0/0")
                .withIpProtocol("tcp")
                .withFromPort(port)
                .withToPort(port));
    }

    AuthorizeSecurityGroupIngressRequest ingressRequest =
        new AuthorizeSecurityGroupIngressRequest()
            .withGroupName(securityGroup)
            .withIpPermissions(ingressRules);
    ec2.authorizeSecurityGroupIngress(ingressRequest);

    System.out.println("Created Security Group " + securityGroup);
}
/**
 * Creates a security group named {@code groupName} and authorizes a single ingress
 * rule on it covering TCP ports 0 through 65535 from {@code 0.0.0.0/0}.
 *
 * <p>No lookup is done first, so the create call is issued even if a group with this
 * name already exists (presumably the service rejects the duplicate -- verify).
 *
 * <p>NOTE(review): this rule exposes every TCP port of any instance in the group to
 * all IPv4 sources, which leaves the security group providing no inbound TCP
 * filtering. Prefer explicit ports and a restricted source CIDR; keep this form for
 * short-lived test environments only.
 *
 * @param groupName name of the security group to create
 */
public static void addSecurityGroup(String groupName) {
    CreateSecurityGroupRequest createRequest =
        new CreateSecurityGroupRequest()
            .withGroupName(groupName)
            .withDescription("Allow on all ports");
    ec2.createSecurityGroup(createRequest);

    // Whole TCP port range, any IPv4 source.
    IpPermission allTcpFromAnywhere =
        new IpPermission()
            .withIpRanges("0.0.0.0/0")
            .withIpProtocol("tcp")
            .withFromPort(0)
            .withToPort(65535);

    AuthorizeSecurityGroupIngressRequest ingressRequest =
        new AuthorizeSecurityGroupIngressRequest()
            .withGroupName(groupName)
            .withIpPermissions(allTcpFromAnywhere);
    ec2.authorizeSecurityGroupIngress(ingressRequest);

    System.out.println("Security Group " + groupName + " added");
}