secgroups

package
v0.5.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 16, 2021 License: Apache-2.0 Imports: 5 Imported by: 5

Documentation

Overview

Package secgroups provides the ability to manage security groups through the Nova API.

This API has been deprecated and will be removed from a future release of the Nova API service.

For environments that support this extension, this package can be used regardless of if either Neutron or nova-network is used as the cloud's network service.

Example to List Security Groups

allPages, err := secroups.List(computeClient).AllPages()
if err != nil {
	panic(err)
}

allSecurityGroups, err := secgroups.ExtractSecurityGroups(allPages)
if err != nil {
	panic(err)
}

for _, sg := range allSecurityGroups {
	fmt.Printf("%+v\n", sg)
}

Example to List Security Groups by Server

serverID := "aab3ad01-9956-4623-a29b-24afc89a7d36"

allPages, err := secroups.ListByServer(computeClient, serverID).AllPages()
if err != nil {
	panic(err)
}

allSecurityGroups, err := secgroups.ExtractSecurityGroups(allPages)
if err != nil {
	panic(err)
}

for _, sg := range allSecurityGroups {
	fmt.Printf("%+v\n", sg)
}

Example to Create a Security Group

createOpts := secgroups.CreateOpts{
	Name:        "group_name",
	Description: "A Security Group",
}

sg, err := secgroups.Create(computeClient, createOpts).Extract()
if err != nil {
	panic(err)
}

Example to Create a Security Group Rule

sgID := "37d94f8a-d136-465c-ae46-144f0d8ef141"

createOpts := secgroups.CreateRuleOpts{
	ParentGroupID: sgID,
	FromPort:      22,
	ToPort:        22,
	IPProtocol:    "tcp",
	CIDR:          "0.0.0.0/0",
}

rule, err := secgroups.CreateRule(computeClient, createOpts).Extract()
if err != nil {
	panic(err)
}

Example to Add a Security Group to a Server

serverID := "aab3ad01-9956-4623-a29b-24afc89a7d36"
sgID := "37d94f8a-d136-465c-ae46-144f0d8ef141"

err := secgroups.AddServer(computeClient, serverID, sgID).ExtractErr()
if err != nil {
	panic(err)
}

Example to Remove a Security Group from a Server

serverID := "aab3ad01-9956-4623-a29b-24afc89a7d36"
sgID := "37d94f8a-d136-465c-ae46-144f0d8ef141"

err := secgroups.RemoveServer(computeClient, serverID, sgID).ExtractErr()
if err != nil {
	panic(err)
}

Example to Delete a Security Group

sgID := "37d94f8a-d136-465c-ae46-144f0d8ef141"
err := secgroups.Delete(computeClient, sgID).ExtractErr()
if err != nil {
	panic(err)
}

Example to Delete a Security Group Rule

ruleID := "6221fe3e-383d-46c9-a3a6-845e66c1e8b4"
err := secgroups.DeleteRule(computeClient, ruleID).ExtractErr()
if err != nil {
	panic(err)
}

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DeleteWithRetry added in v0.1.0

func DeleteWithRetry(c *golangsdk.ServiceClient, id string, timeout int) error

DeleteWithRetry will try to permanently delete a particular security group based on its unique ID and RetryTimeout.

func List

func List(client *golangsdk.ServiceClient) pagination.Pager

List will return a collection of all the security groups for a particular tenant.

func ListByServer

func ListByServer(client *golangsdk.ServiceClient, serverID string) pagination.Pager

ListByServer will return a collection of all the security groups which are associated with a particular server.

Types

type AddServerResult

type AddServerResult struct {
	golangsdk.ErrResult
}

AddServerResult is the response from an AddServer operation. Call its ExtractErr method to determine if the request succeeded or failed.

func AddServer

func AddServer(client *golangsdk.ServiceClient, serverID, groupName string) (r AddServerResult)

AddServer will associate a server and a security group, enforcing the rules of the group on the server.

type CreateOpts

type CreateOpts GroupOpts

CreateOpts is the struct responsible for creating a security group.

func (CreateOpts) ToSecGroupCreateMap

func (opts CreateOpts) ToSecGroupCreateMap() (map[string]interface{}, error)

ToSecGroupCreateMap builds a request body from CreateOpts.

type CreateOptsBuilder

type CreateOptsBuilder interface {
	ToSecGroupCreateMap() (map[string]interface{}, error)
}

CreateOptsBuilder allows extensions to add additional parameters to the Create request.

type CreateResult

type CreateResult struct {
	// contains filtered or unexported fields
}

CreateResult represents the result of a create operation. Call its Extract method to interpret the result as a SecurityGroup.

func Create

func Create(client *golangsdk.ServiceClient, opts CreateOptsBuilder) (r CreateResult)

Create will create a new security group.

func (CreateResult) Extract

func (r CreateResult) Extract() (*SecurityGroup, error)

Extract will extract a SecurityGroup struct from most responses.

type CreateRuleOpts

type CreateRuleOpts struct {
	// ID is the ID of the group that this rule will be added to.
	ParentGroupID string `json:"parent_group_id" required:"true"`

	// FromPort is the lower bound of the port range that will be opened.
	// Use -1 to allow all ICMP traffic.
	FromPort int `json:"from_port"`

	// ToPort is the upper bound of the port range that will be opened.
	// Use -1 to allow all ICMP traffic.
	ToPort int `json:"to_port"`

	// IPProtocol the protocol type that will be allowed, e.g. TCP.
	IPProtocol string `json:"ip_protocol" required:"true"`

	// CIDR is the network CIDR to allow traffic from.
	// This is ONLY required if FromGroupID is blank. This represents the IP
	// range that will be the source of network traffic to your security group.
	// Use 0.0.0.0/0 to allow all IP addresses.
	CIDR string `json:"cidr,omitempty" or:"FromGroupID"`

	// FromGroupID represents another security group to allow access.
	// This is ONLY required if CIDR is blank. This value represents the ID of a
	// group that forwards traffic to the parent group. So, instead of accepting
	// network traffic from an entire IP range, you can instead refine the
	// inbound source by an existing security group.
	FromGroupID string `json:"group_id,omitempty" or:"CIDR"`
}

CreateRuleOpts represents the configuration for adding a new rule to an existing security group.

func (CreateRuleOpts) ToRuleCreateMap

func (opts CreateRuleOpts) ToRuleCreateMap() (map[string]interface{}, error)

ToRuleCreateMap builds a request body from CreateRuleOpts.

type CreateRuleOptsBuilder

type CreateRuleOptsBuilder interface {
	ToRuleCreateMap() (map[string]interface{}, error)
}

CreateRuleOptsBuilder allows extensions to add additional parameters to the CreateRule request.

type CreateRuleResult

type CreateRuleResult struct {
	golangsdk.Result
}

CreateRuleResult represents the result when adding rules to a security group. Call its Extract method to interpret the result as a Rule.

func CreateRule

func CreateRule(client *golangsdk.ServiceClient, opts CreateRuleOptsBuilder) (r CreateRuleResult)

CreateRule will add a new rule to an existing security group (whose ID is specified in CreateRuleOpts). You have the option of controlling inbound traffic from either an IP range (CIDR) or from another security group.

func (CreateRuleResult) Extract

func (r CreateRuleResult) Extract() (*Rule, error)

Extract will extract a Rule struct from a CreateRuleResult.

type DeleteResult

type DeleteResult struct {
	golangsdk.ErrResult
}

DeleteResult is the response from delete operation. Call its ExtractErr method to determine if the request succeeded or failed.

func Delete

func Delete(client *golangsdk.ServiceClient, id string) (r DeleteResult)

Delete will permanently delete a security group from the project.

type DeleteRuleResult

type DeleteRuleResult struct {
	golangsdk.ErrResult
}

DeleteRuleResult is the response from a DeleteRule operation. Call its ExtractErr method to determine if the request succeeded or failed.

func DeleteRule

func DeleteRule(client *golangsdk.ServiceClient, id string) (r DeleteRuleResult)

DeleteRule will permanently delete a rule from a security group.

type GetResult

type GetResult struct {
	// contains filtered or unexported fields
}

GetResult represents the result of a get operation. Call its Extract method to interpret the result as a SecurityGroup.

func Get

func Get(client *golangsdk.ServiceClient, id string) (r GetResult)

Get will return details for a particular security group.

func (GetResult) Extract

func (r GetResult) Extract() (*SecurityGroup, error)

Extract will extract a SecurityGroup struct from most responses.

type Group

type Group struct {
	TenantID string `json:"tenant_id"`
	Name     string
}

Group represents a group.

type GroupOpts

type GroupOpts struct {
	// the name of your security group.
	Name string `json:"name" required:"true"`
	// the description of your security group.
	Description string `json:"description" required:"true"`
}

GroupOpts is the underlying struct responsible for creating or updating security groups. It therefore represents the mutable attributes of a security group.

type IPRange

type IPRange struct {
	CIDR string
}

IPRange represents the IP range whose traffic will be accepted by the security group.

type RemoveServerResult

type RemoveServerResult struct {
	golangsdk.ErrResult
}

RemoveServerResult is the response from a RemoveServer operation. Call its ExtractErr method to determine if the request succeeded or failed.

func RemoveServer

func RemoveServer(client *golangsdk.ServiceClient, serverID, groupName string) (r RemoveServerResult)

RemoveServer will disassociate a server from a security group.

type Rule

type Rule struct {
	// The unique ID. If Neutron is installed, this ID will be
	// represented as a string UUID; if Neutron is not installed, it will be a
	// numeric ID. For the sake of consistency, we always cast it to a string.
	ID string `json:"-"`

	// The lower bound of the port range which this security group should open up.
	FromPort int `json:"from_port"`

	// The upper bound of the port range which this security group should open up.
	ToPort int `json:"to_port"`

	// The IP protocol (e.g. TCP) which the security group accepts.
	IPProtocol string `json:"ip_protocol"`

	// The CIDR IP range whose traffic can be received.
	IPRange IPRange `json:"ip_range"`

	// The security group ID to which this rule belongs.
	ParentGroupID string `json:"-"`

	// Not documented.
	Group Group
}

Rule represents a security group rule, a policy which determines how a security group operates and what inbound traffic it allows in.

func (*Rule) UnmarshalJSON

func (r *Rule) UnmarshalJSON(b []byte) error

type SecurityGroup

type SecurityGroup struct {
	// The unique ID of the group. If Neutron is installed, this ID will be
	// represented as a string UUID; if Neutron is not installed, it will be a
	// numeric ID. For the sake of consistency, we always cast it to a string.
	ID string `json:"-"`

	// The human-readable name of the group, which needs to be unique.
	Name string `json:"name"`

	// The human-readable description of the group.
	Description string `json:"description"`

	// The rules which determine how this security group operates.
	Rules []Rule `json:"rules"`

	// The ID of the tenant to which this security group belongs.
	TenantID string `json:"tenant_id"`
}

SecurityGroup represents a security group.

func ExtractSecurityGroups

func ExtractSecurityGroups(r pagination.Page) ([]SecurityGroup, error)

ExtractSecurityGroups returns a slice of SecurityGroups contained in a single page of results.

func (*SecurityGroup) UnmarshalJSON

func (r *SecurityGroup) UnmarshalJSON(b []byte) error

type SecurityGroupPage

type SecurityGroupPage struct {
	pagination.SinglePageBase
}

SecurityGroupPage is a single page of a SecurityGroup collection.

func (SecurityGroupPage) IsEmpty

func (page SecurityGroupPage) IsEmpty() (bool, error)

IsEmpty determines whether or not a page of Security Groups contains any results.

type UpdateOpts

type UpdateOpts GroupOpts

UpdateOpts is the struct responsible for updating an existing security group.

func (UpdateOpts) ToSecGroupUpdateMap

func (opts UpdateOpts) ToSecGroupUpdateMap() (map[string]interface{}, error)

ToSecGroupUpdateMap builds a request body from UpdateOpts.

type UpdateOptsBuilder

type UpdateOptsBuilder interface {
	ToSecGroupUpdateMap() (map[string]interface{}, error)
}

UpdateOptsBuilder allows extensions to add additional parameters to the Update request.

type UpdateResult

type UpdateResult struct {
	// contains filtered or unexported fields
}

UpdateResult represents the result of an update operation. Call its Extract method to interpret the result as a SecurityGroup.

func Update

func Update(client *golangsdk.ServiceClient, id string, opts UpdateOptsBuilder) (r UpdateResult)

Update will modify the mutable properties of a security group, notably its name and description.

func (UpdateResult) Extract

func (r UpdateResult) Extract() (*SecurityGroup, error)

Extract will extract a SecurityGroup struct from most responses.

Directories

Path Synopsis
secgroups unit tests
secgroups unit tests

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL