示例#1
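  /**
   * Ensures an EC2 security group with the given name exists, creating it with a fixed set of
   * inbound TCP rules when it does not.
   *
   * <p>Existing groups are matched by name, ignoring case. On a match the method prints a
   * message and returns without inspecting or changing that group's rules, so the caller
   * inherits whatever ingress the existing group already allows. Otherwise the group is
   * created and inbound TCP from {@code 0.0.0.0/0} is authorized on ports 22, 80, 443, 65535
   * and 23.
   *
   * <p>NOTE(review): every rule is open to the whole IPv4 internet. Ports 22 (SSH) and 23
   * (telnet) are remote-administration services and telnet is unencrypted; world-open ingress
   * on them is a common audit finding. Outside a throwaway demo, scope those rules to a known
   * administrative CIDR and drop the telnet and 65535 rules unless something actually listens
   * there.
   *
   * @param ec2 client used for the describe, create and authorize calls
   * @param securityGroup name of the group to reuse or create
   */
  public static void createSecurityGroup(AmazonEC2 ec2, String securityGroup) {
    // Reuse path: a group whose name differs only by case is also treated as a match.
    // NOTE(review): confirm case-insensitive matching is intended for your account.
    for (SecurityGroup existing : ec2.describeSecurityGroups().getSecurityGroups()) {
      if (securityGroup.equalsIgnoreCase(existing.getGroupName())) {
        System.out.println("Using Security Group " + securityGroup);
        return;
      }
    }

    CreateSecurityGroupResult created =
        ec2.createSecurityGroup(
            new CreateSecurityGroupRequest()
                .withGroupName(securityGroup)
                .withDescription("My Java Security Group"));

    // Same rules, in the same order, as before: SSH, HTTP, HTTPS, tcp/65535, telnet.
    int[] openPorts = {22, 80, 443, 65535, 23};
    List<IpPermission> permissions = new ArrayList<IpPermission>(openPorts.length);
    for (int port : openPorts) {
      permissions.add(
          new IpPermission()
              .withIpRanges("0.0.0.0/0") // any IPv4 source; see NOTE(review) above
              .withIpProtocol("tcp")
              .withFromPort(port)
              .withToPort(port));
    }

    // Target the group by the id returned from the create call rather than by name: the id
    // identifies exactly the group just created, and name-based lookup is only accepted for
    // groups in the default VPC.
    ec2.authorizeSecurityGroupIngress(
        new AuthorizeSecurityGroupIngressRequest()
            .withGroupId(created.getGroupId())
            .withIpPermissions(permissions));

    System.out.println("Created Security Group " + securityGroup);
  }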
  /**
   * Creates an EC2 security group named {@code groupName} and authorizes inbound TCP on every
   * port (0-65535) from any IPv4 address.
   *
   * <p>Uses the {@code ec2} client declared outside this method. There is no check for an
   * existing group with the same name before the create call.
   *
   * <p>NOTE(review): this rule makes every TCP service on an attached instance reachable from
   * the internet, including administrative and database ports. It is only appropriate for a
   * short-lived lab; anything longer-lived should list the specific ports it needs and narrow
   * the source range.
   *
   * @param groupName name of the security group to create
   */
  public static void addSecurityGroup(String groupName) {
    CreateSecurityGroupRequest createRequest =
        new CreateSecurityGroupRequest()
            .withGroupName(groupName)
            .withDescription("Allow on all ports");
    ec2.createSecurityGroup(createRequest);

    // One rule covering the full TCP port range from 0.0.0.0/0 (see NOTE(review) above).
    IpPermission allTcpFromAnywhere = new IpPermission();
    allTcpFromAnywhere.withIpProtocol("tcp");
    allTcpFromAnywhere.withFromPort(0);
    allTcpFromAnywhere.withToPort(65535);
    allTcpFromAnywhere.withIpRanges("0.0.0.0/0");

    AuthorizeSecurityGroupIngressRequest ingressRequest =
        new AuthorizeSecurityGroupIngressRequest()
            .withGroupName(groupName)
            .withIpPermissions(allTcpFromAnywhere);
    ec2.authorizeSecurityGroupIngress(ingressRequest);

    System.out.println("Security Group " + groupName + " added");
  }