Project

grouper

0.0
No commit activity in last 3 years
No release in over 3 years
Easily configure and manage Amazon Web Services Security Groups
 Project Readme

# Simple AWS Security Group Management

Grouper makes it easy to manage AWS Security Groups programmatically.

It aims to be simple and to overcome some of the limitations and pain of managing security groups via the AWS management console.

  • It makes it easy to understand what a rule or group of rules does
  • It makes it easy to reuse rules across security groups
  • It makes applying a set of rules to a new security group much faster

## Installation

gem install 'grouper'

You will need a yml file containing your AWS credentials in the form

access_key_id: ACCESS_KEY_ID
secret_access_key: SECRET_ACCESS_KEY_ID

Examples

You want your new intranet server hosted on EC2 to be monitored by worm.ly, connect to GitHub and receive Ubuntu updates...

See example.rb and example-vpc.rb

# example.rb
require 'yaml'    # needed for YAML.load below
require 'aws-sdk'
require 'grouper'
include Grouper

AWS.config(YAML.load(File.read('path/to/credentials/aws.yml'))) # your AWS credentials

wormly_ips = ['178.79.181.14/32', '103.1.185.241/32', '184.72.226.23/32', '66.246.75.38/32', '74.82.3.54/32', '74.207.230.51/32', '69.164.195.159/32', '184.73.218.144/32']

github_ips = ['207.97.227.224/27', '173.203.140.192/27', '204.232.175.64/27', '72.4.117.96/27']

wormly = [Rule.new(:tcp, 443, wormly_ips, :in)]

github = [ Rule.new(:tcp, 22, github_ips, :in),
           Rule.new(:tcp, 80, github_ips, :in),
           Rule.new(:tcp, 443, github_ips, :in)]
           

ec2 = AWS::EC2.new(:ec2_endpoint => "ec2.eu-west-1.amazonaws.com")
intranet_server = find_or_create(ec2, 'intranet_server')
rules = wormly + github
apply_rules(intranet_server, rules)

Now simply add the "intranet_server" security group to your EC2 instance(s)

Port range for echo requests

When defining rules for echo requests, the value for :ports should be in the format 0..-1, where 0 stands for the ICMP type.

E.g.

  #Allow echo requests from Wormly
  Rule.new(:icmp, 8..-1, wormly_ips, :in)

Creating Security Groups in a VPC

Pass the VPC in which you want to create or modify a security group to the find_or_create method instead of the ec2 object.

E.g.

  ec2 = AWS::EC2.new(:ec2_endpoint => "ec2.eu-west-1.amazonaws.com")
  vpc = ec2.vpcs.first
  intranet_server = find_or_create(vpc, 'intranet_server')

Updating rules

Make changes to your grouper script and rerun it. Rules that are no longer defined in the rules array passed to apply_rules() will be removed.
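
Because a rerun revokes as well as grants, it helps to review the difference before applying it. The following is an added example, not grouper's own code: the Perm struct and the expand, plan and world_open helpers are hypothetical, and the addresses are constructed from documentation ranges. It computes which permissions a declarative apply would authorize and revoke, and flags any that are open to every address.

```ruby
require 'set'

# Hypothetical stand-in for one ingress permission; not grouper's Rule class.
Perm = Struct.new(:protocol, :from, :to, :cidr)

# Expand one rule covering many CIDRs into one Perm per CIDR so sets compare exactly.
# ports may be a single port (443) or a range (8..-1 for ICMP, as in the README).
def expand(protocol, ports, cidrs)
  range = ports.is_a?(Range) ? ports : (ports..ports)
  cidrs.map { |cidr| Perm.new(protocol, range.begin, range.end, cidr) }
end

# What a declarative apply would change: permissions to authorize and to revoke.
def plan(current, desired)
  current = current.to_set
  desired = desired.to_set
  { authorize: (desired - current).to_a, revoke: (current - desired).to_a }
end

# Permissions reachable from any address, worth a second look before applying.
def world_open(perms)
  perms.select { |p| ['0.0.0.0/0', '::/0'].include?(p.cidr) }
end

# Constructed sample state (documentation address ranges, not real monitors).
CURRENT_PERMS = expand(:tcp, 443, ['192.0.2.10/32']) +
                expand(:tcp, 22, ['0.0.0.0/0'])
DESIRED_PERMS = expand(:tcp, 443, ['192.0.2.10/32', '198.51.100.7/32']) +
                expand(:icmp, 8..-1, ['192.0.2.10/32'])

if __FILE__ == $PROGRAM_NAME
  changes = plan(CURRENT_PERMS, DESIRED_PERMS)
  changes.each do |action, perms|
    perms.each { |p| puts "#{action}: #{p.protocol} #{p.from}..#{p.to} from #{p.cidr}" }
  end
  puts "world-open after apply: #{world_open(DESIRED_PERMS).length}"
end
```

In this sample the stale SSH permission open to 0.0.0.0/0 appears under revoke, which is the removal the rerun would perform.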

License

Grouper is released under the MIT license: