
Log if exceeded AWS limit. #28 :v:

commit 8259d95b0b57bd52b8bdbfd656f6828f9a75928a 1 parent dc20a27
@dylanegan authored
Showing with 29 additions and 0 deletions.
  1. +20 −0 lib/fog/bouncer/group.rb
  2. +9 −0 spec/fog/bouncer/group_spec.rb
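--- a/lib/fog/bouncer/group.rb
+++ b/lib/fog/bouncer/group.rb
@@ -59,6 +59,19 @@ def destroy
 end
 end
+ # Public: Check if it has exceeded the 100 rules limit per group on AWS,
+ # http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/using-network-security.html.
+ #
+ # Examples
+ #
+ # exceeded?
+ # # => false
+ #
+ # Returns a Boolean
+ def exceeded?
+ local_permissions.size > 100
+ end
+
 def extra_remote_sources
 sources.select { |source| !source.local? && source.remote? }
 end
@@ -127,12 +140,19 @@ def apply_definitions
 end
 end
+ def local_permissions
+ permissions = sources.map do |source|
+ source.protocols.select { |p| p.local? }
+ end.flatten.compact
+ end
+
 def source(source, &block)
 add_source(source, &block)
 end
 def synchronize_sources
 log(synchronize_sources: true) do
+ log(synchronize_sources: true, exceeded_aws_limit: true) if exceeded?
 SourceManager.new(self).synchronize
 end
 end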
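Review bot: In `synchronize_sources` the new `exceeded?` check only writes a log entry, and `SourceManager.new(self).synchronize` still runs, so a group defined with more than 100 local rules is pushed to AWS anyway. SourceManager is not visible in this diff, but if AWS rejects authorisations past the limit the security group could be left partly applied, so the method should stop before any change is made, for example with `return if exceeded?` right after the log line or by raising the project's own error there. The literal `100` in `exceeded?` would be clearer as a named constant such as `MAX_RULES_PER_GROUP = 100`, because the limit is set on the AWS side and may not be the same for every platform or account. In `local_permissions` the `permissions =` assignment is never read and `.compact` has nothing to remove after `select`; `sources.flat_map { |source| source.protocols.select(&:local?) }` should be equivalent, assuming protocol objects are not themselves arrays.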
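--- a/spec/fog/bouncer/group_spec.rb
+++ b/spec/fog/bouncer/group_spec.rb
@@ -29,6 +29,15 @@
 end
 end
+ describe "#exceeded?" do
+ it "should check if the group exceeds the AWS rules limit" do
+ @group.exceeded?.must_equal false
+ source = @group.sources.first
+ 0.upto(100) { |i| p = source.add_protocol(:tcp, i + 1000); p.local = true }
+ @group.exceeded?.must_equal true
+ end
+ end
+
 describe "#extras" do
 before do
 Fog::Bouncer::IPPermissions.to(@group, [{ "ipProtocol" => "tcp", "fromPort" => 20, "toPort" => 20, "ipRanges" => [{ "cidrIp" => "2.2.2.2/2" }], "groups" => [] }])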
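Review bot: The `#exceeded?` example never pins the boundary, because `0.upto(100)` adds 101 protocols on top of whatever the fixture group already defines, so an off-by-one in the `> 100` comparison would still pass. I would add an assertion that a group with exactly 100 local protocols returns false and that one more flips it to true, plus a case where protocols with `local = false` are not counted. The block variable `p` also shadows `Kernel#p`; a name like `protocol` reads better. The new log call in `synchronize_sources` has no spec in this section.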