/// <summary>
/// The CreateSecurityGroup operation creates a new security group.
/// Every instance is launched in a security group. If no security group is
/// specified during launch, the instances are launched in the default security
/// group. Instances within the same security group have unrestricted network
/// access to each other. Instances will reject network access attempts from other
/// instances in a different security group. As the owner of instances you can
/// grant or revoke specific permissions using the AuthorizeSecurityGroupIngress
/// and RevokeSecurityGroupIngress operations.
///
/// </summary>
/// <param name="service">Instance of AmazonEC2 service</param>
/// <param name="request">CreateSecurityGroupRequest request</param>
public static void InvokeCreateSecurityGroup(AmazonEC2 service, CreateSecurityGroupRequest request)
{
try
{
CreateSecurityGroupResponse response = service.CreateSecurityGroup(request);
Console.WriteLine ("Service Response");
Console.WriteLine ("=============================================================================");
Console.WriteLine ();
Console.WriteLine(" CreateSecurityGroupResponse");
if (response.IsSetResponseMetadata())
{
Console.WriteLine(" ResponseMetadata");
ResponseMetadata responseMetadata = response.ResponseMetadata;
if (responseMetadata.IsSetRequestId())
{
Console.WriteLine(" RequestId");
Console.WriteLine(" {0}", responseMetadata.RequestId);
}
}
}
catch (AmazonEC2Exception ex)
{
Console.WriteLine("Caught Exception: " + ex.Message);
Console.WriteLine("Response Status Code: " + ex.StatusCode);
Console.WriteLine("Error Code: " + ex.ErrorCode);
Console.WriteLine("Error Type: " + ex.ErrorType);
Console.WriteLine("Request ID: " + ex.RequestId);
Console.WriteLine("XML: " + ex.XML);
}
}
protected override void ProcessRecord()
{
AmazonEC2 client = base.GetClient();
Amazon.EC2.Model.CreateSecurityGroupRequest request = new Amazon.EC2.Model.CreateSecurityGroupRequest();
request.GroupName = this._GroupName;
request.GroupDescription = this._GroupDescription;
Amazon.EC2.Model.CreateSecurityGroupResponse response = client.CreateSecurityGroup(request);
}
public string CreateSecurityGroup(string vpcId, string boostrapId)
{
string secGroupName = SEC_GROUP_PREFIX + boostrapId;
if (SecurityGroupExist(secGroupName))
{
DeleteSecurityGroup(secGroupName);
}
var newGroupRequest = new CreateSecurityGroupRequest()
{
GroupName = secGroupName,
Description = "Security Group for ConDep integration tests",
VpcId = vpcId,
};
var newGroupResponse = _client.CreateSecurityGroup(newGroupRequest);
var publicIp = GetPublicIp() + "/32";
var ruleRequest = new AuthorizeSecurityGroupIngressRequest()
{
GroupId = newGroupResponse.GroupId,
IpPermissions = new List<IpPermission>
{
new IpPermission
{
FromPort = 0,
ToPort = 65535,
IpProtocol = "tcp",
IpRanges = new List<string>
{
publicIp
}
},
new IpPermission
{
FromPort = -1,
ToPort = -1,
IpProtocol = "icmp",
IpRanges = new List<string>
{
publicIp
}
},
new IpPermission
{
FromPort = 1024,
ToPort = 65535,
IpProtocol = "tcp",
IpRanges = new List<string>
{
"0.0.0.0/0"
}
}
}
};
_client.AuthorizeSecurityGroupIngress(ruleRequest);
return newGroupResponse.GroupId;
}
public string CreateSecurityGroup(string groupName, string description, string vpcId)
{
var createSecurityGroupRequest = new CreateSecurityGroupRequest
{
Description = description,
GroupName = groupName,
VpcId = vpcId
};
var response = _ec2Client.CreateSecurityGroup(createSecurityGroupRequest);
return response.GroupId;
}
public object Execute(ExecutorContext context)
{
var cmdletContext = context as CmdletContext;
// create request
var request = new Amazon.EC2.Model.CreateSecurityGroupRequest();
if (cmdletContext.Description != null)
{
request.Description = cmdletContext.Description;
}
if (cmdletContext.GroupName != null)
{
request.GroupName = cmdletContext.GroupName;
}
if (cmdletContext.TagSpecification != null)
{
request.TagSpecifications = cmdletContext.TagSpecification;
}
if (cmdletContext.VpcId != null)
{
request.VpcId = cmdletContext.VpcId;
}
CmdletOutput output;
// issue call
var client = Client ?? CreateClient(_CurrentCredentials, _RegionEndpoint);
try
{
var response = CallAWSServiceOperation(client, request);
object pipelineOutput = null;
pipelineOutput = cmdletContext.Select(response, this);
output = new CmdletOutput
{
PipelineOutput = pipelineOutput,
ServiceResponse = response
};
}
catch (Exception e)
{
output = new CmdletOutput {
ErrorResponse = e
};
}
return(output);
}
public async Task CreateSecurityGroup()
{
_context.Logger.WriteLine("CreateSecurityGroup");
var vpcId = await GetVpcId();
var request = new CreateSecurityGroupRequest
{
VpcId = vpcId,
Description = $"{_groupName} Security Group",
GroupName = _groupName
};
var response = await _client.CreateSecurityGroupAsync(request);
await AddInboundRules(response.GroupId);
await AddOutboundRules(response.GroupId);
}
IAsyncResult invokeCreateSecurityGroup(CreateSecurityGroupRequest createSecurityGroupRequest, AsyncCallback callback, object state, bool synchronized)
{
IRequest irequest = new CreateSecurityGroupRequestMarshaller().Marshall(createSecurityGroupRequest);
var unmarshaller = CreateSecurityGroupResponseUnmarshaller.GetInstance();
AsyncResult result = new AsyncResult(irequest, callback, state, synchronized, signer, unmarshaller);
Invoke(result);
return result;
}
/// <summary>
/// Initiates the asynchronous execution of the CreateSecurityGroup operation.
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the CreateSecurityGroup operation on AmazonEC2Client.</param>
/// <param name="callback">An AsyncCallback delegate that is invoked when the operation completes.</param>
/// <param name="state">A user-defined state object that is passed to the callback procedure. Retrieve this object from within the callback
/// procedure using the AsyncState property.</param>
///
/// <returns>An IAsyncResult that can be used to poll or wait for results, or both; this value is also needed when invoking EndCreateSecurityGroup
/// operation.</returns>
public IAsyncResult BeginCreateSecurityGroup(CreateSecurityGroupRequest request, AsyncCallback callback, object state)
{
var marshaller = new CreateSecurityGroupRequestMarshaller();
var unmarshaller = CreateSecurityGroupResponseUnmarshaller.Instance;
return BeginInvoke<CreateSecurityGroupRequest>(request, marshaller, unmarshaller,
callback, state);
}
/// <summary>
/// <para>Creates a security group.</para> <para>A security group is for use with instances either in the EC2-Classic platform or in a specific
/// VPC. For more information, see <a href="http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html" >Amazon EC2 Security
/// Groups</a> in the <i>Amazon Elastic Compute Cloud User Guide</i> and <a
/// href="http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html" >Security Groups for Your VPC</a> in the <i>Amazon
/// Virtual Private Cloud User Guide</i> .</para> <para><b>IMPORTANT:</b> EC2-Classic: You can have up to 500 security groups. EC2-VPC: You can
/// create up to 100 security groups per VPC. </para> <para>When you create a security group, you specify a friendly name of your choice. You
/// can have a security group for use in EC2-Classic with the same name as a security group for use in a VPC. However, you can't have two
/// security groups for use in EC2-Classic with the same name or two security groups for use in a VPC with the same name.</para> <para>You have
/// a default security group for use in EC2-Classic and a default security group for use in your VPC. If you don't specify a security group when
/// you launch an instance, the instance is launched into the appropriate default security group. A default security group includes a default
/// rule that grants instances unrestricted network access to each other.</para> <para>You can add or remove rules from your security groups
/// using AuthorizeSecurityGroupIngress, AuthorizeSecurityGroupEgress, RevokeSecurityGroupIngress, and RevokeSecurityGroupEgress.</para>
/// </summary>
///
/// <param name="createSecurityGroupRequest">Container for the necessary parameters to execute the CreateSecurityGroup service method on
/// AmazonEC2.</param>
///
/// <returns>The response from the CreateSecurityGroup service method, as returned by AmazonEC2.</returns>
///
public CreateSecurityGroupResponse CreateSecurityGroup(CreateSecurityGroupRequest createSecurityGroupRequest)
{
IAsyncResult asyncResult = invokeCreateSecurityGroup(createSecurityGroupRequest, null, null, true);
return EndCreateSecurityGroup(asyncResult);
}
/// <summary>
/// Initiates the asynchronous execution of the CreateSecurityGroup operation.
/// <seealso cref="Amazon.EC2.IAmazonEC2.CreateSecurityGroup"/>
/// </summary>
///
/// <param name="createSecurityGroupRequest">Container for the necessary parameters to execute the CreateSecurityGroup operation on
/// AmazonEC2.</param>
/// <param name="callback">An AsyncCallback delegate that is invoked when the operation completes.</param>
/// <param name="state">A user-defined state object that is passed to the callback procedure. Retrieve this object from within the callback
/// procedure using the AsyncState property.</param>
///
/// <returns>An IAsyncResult that can be used to poll or wait for results, or both; this value is also needed when invoking
/// EndCreateSecurityGroup operation.</returns>
public IAsyncResult BeginCreateSecurityGroup(CreateSecurityGroupRequest createSecurityGroupRequest, AsyncCallback callback, object state)
{
return invokeCreateSecurityGroup(createSecurityGroupRequest, callback, state, false);
}
internal CreateSecurityGroupResponse CreateSecurityGroup(CreateSecurityGroupRequest request)
{
var task = CreateSecurityGroupAsync(request);
try
{
return task.Result;
}
catch(AggregateException e)
{
ExceptionDispatchInfo.Capture(e.InnerException).Throw();
return null;
}
}
/// <summary>
/// <para>Creates a security group.</para> <para>A security group is for use with instances either in the EC2-Classic platform or in a specific
/// VPC. For more information, see <a href="http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html">Amazon EC2 Security
/// Groups</a> in the <i>Amazon Elastic Compute Cloud User Guide</i> and <a href="http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html">Security Groups for Your VPC</a> in the <i>Amazon
/// Virtual Private Cloud User Guide</i> .</para> <para><b>IMPORTANT:</b> EC2-Classic: You can have up to 500 security groups. EC2-VPC: You can
/// create up to 100 security groups per VPC. </para> <para>When you create a security group, you specify a friendly name of your choice. You
/// can have a security group for use in EC2-Classic with the same name as a security group for use in a VPC. However, you can't have two
/// security groups for use in EC2-Classic with the same name or two security groups for use in a VPC with the same name.</para> <para>You have
/// a default security group for use in EC2-Classic and a default security group for use in your VPC. If you don't specify a security group when
/// you launch an instance, the instance is launched into the appropriate default security group. A default security group includes a default
/// rule that grants instances unrestricted network access to each other.</para> <para>You can add or remove rules from your security groups
/// using AuthorizeSecurityGroupIngress, AuthorizeSecurityGroupEgress, RevokeSecurityGroupIngress, and RevokeSecurityGroupEgress.</para>
/// </summary>
///
/// <param name="createSecurityGroupRequest">Container for the necessary parameters to execute the CreateSecurityGroup service method on
/// AmazonEC2.</param>
///
/// <returns>The response from the CreateSecurityGroup service method, as returned by AmazonEC2.</returns>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
public Task<CreateSecurityGroupResponse> CreateSecurityGroupAsync(CreateSecurityGroupRequest createSecurityGroupRequest, CancellationToken cancellationToken = default(CancellationToken))
{
var marshaller = new CreateSecurityGroupRequestMarshaller();
var unmarshaller = CreateSecurityGroupResponseUnmarshaller.GetInstance();
return Invoke<IRequest, CreateSecurityGroupRequest, CreateSecurityGroupResponse>(createSecurityGroupRequest, marshaller, unmarshaller, signer, cancellationToken);
}
/// <summary>
/// Initiates the asynchronous execution of the CreateSecurityGroup operation.
/// <seealso cref="Amazon.EC2.IAmazonEC2.CreateSecurityGroup"/>
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the CreateSecurityGroup operation.</param>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
/// <returns>The task object representing the asynchronous operation.</returns>
public async Task<CreateSecurityGroupResponse> CreateSecurityGroupAsync(CreateSecurityGroupRequest request, CancellationToken cancellationToken = default(CancellationToken))
{
var marshaller = new CreateSecurityGroupRequestMarshaller();
var unmarshaller = CreateSecurityGroupResponseUnmarshaller.GetInstance();
var response = await Invoke<IRequest, CreateSecurityGroupRequest, CreateSecurityGroupResponse>(request, marshaller, unmarshaller, signer, cancellationToken)
.ConfigureAwait(continueOnCapturedContext: false);
return response;
}
private void createSecurityGroup()
{
try
{
CreateSecurityGroupRequest requestSecurirtyGroup = new CreateSecurityGroupRequest();
requestSecurirtyGroup.GroupName = _securityGroups;
requestSecurirtyGroup.GroupDescription = jwSecurityGroupDescription;
CreateSecurityGroupResponse responseSecurityGroup = _service.CreateSecurityGroup(requestSecurirtyGroup);
AuthorizeSecurityGroupIngressRequest requestAuthz = new AuthorizeSecurityGroupIngressRequest();
requestAuthz.GroupName = _securityGroups;
requestAuthz.IpProtocol = "tcp";
requestAuthz.CidrIp = "0.0.0.0/0";
decimal[] ports = { 80, 443, 1443, 3389 };
foreach (decimal port in ports)
{
requestAuthz.FromPort = port;
requestAuthz.ToPort = port;
AuthorizeSecurityGroupIngressResponse responseAuthz = _service.AuthorizeSecurityGroupIngress(requestAuthz);
}
}
catch (AmazonEC2Exception ex)
{
throw new Exception("Caught Exception: " + ex.XML);
}
}
/// <summary>
/// Creates a security group.
///
///
/// <para>
/// A security group is for use with instances either in the EC2-Classic platform or in
/// a specific VPC. For more information, see <a href="http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html">Amazon
/// EC2 Security Groups</a> in the <i>Amazon Elastic Compute Cloud User Guide</i> and
/// <a href="http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html">Security
/// Groups for Your VPC</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.
/// </para>
/// <important>
/// <para>
/// EC2-Classic: You can have up to 500 security groups.
/// </para>
///
/// <para>
/// EC2-VPC: You can create up to 100 security groups per VPC.
/// </para>
/// </important>
/// <para>
/// When you create a security group, you specify a friendly name of your choice. You
/// can have a security group for use in EC2-Classic with the same name as a security
/// group for use in a VPC. However, you can't have two security groups for use in EC2-Classic
/// with the same name or two security groups for use in a VPC with the same name.
/// </para>
///
/// <para>
/// You have a default security group for use in EC2-Classic and a default security group
/// for use in your VPC. If you don't specify a security group when you launch an instance,
/// the instance is launched into the appropriate default security group. A default security
/// group includes a default rule that grants instances unrestricted network access to
/// each other.
/// </para>
///
/// <para>
/// You can add or remove rules from your security groups using <a>AuthorizeSecurityGroupIngress</a>,
/// <a>AuthorizeSecurityGroupEgress</a>, <a>RevokeSecurityGroupIngress</a>, and <a>RevokeSecurityGroupEgress</a>.
/// </para>
/// </summary>
/// <param name="request">Container for the necessary parameters to execute the CreateSecurityGroup service method.</param>
///
/// <returns>The response from the CreateSecurityGroup service method, as returned by EC2.</returns>
public CreateSecurityGroupResponse CreateSecurityGroup(CreateSecurityGroupRequest request)
{
var marshaller = new CreateSecurityGroupRequestMarshaller();
var unmarshaller = CreateSecurityGroupResponseUnmarshaller.Instance;
return Invoke<CreateSecurityGroupRequest,CreateSecurityGroupResponse>(request, marshaller, unmarshaller);
}
private Amazon.EC2.Model.CreateSecurityGroupResponse CallAWSServiceOperation(IAmazonEC2 client, Amazon.EC2.Model.CreateSecurityGroupRequest request)
{
Utils.Common.WriteVerboseEndpointMessage(this, client.Config, "Amazon Elastic Compute Cloud (EC2)", "CreateSecurityGroup");
try
{
#if DESKTOP
return(client.CreateSecurityGroup(request));
#elif CORECLR
return(client.CreateSecurityGroupAsync(request).GetAwaiter().GetResult());
#else
#error "Unknown build edition"
#endif
}
catch (AmazonServiceException exc)
{
var webException = exc.InnerException as System.Net.WebException;
if (webException != null)
{
throw new Exception(Utils.Common.FormatNameResolutionFailureMessage(client.Config, webException.Message), webException);
}
throw;
}
}
private static string CreateSecurityGroup(IAmazonEC2 client, string vpcId, string groupName)
{
// Create a new empty group
var newSgRequest = new CreateSecurityGroupRequest()
{
GroupName = groupName,
Description = "Security group for AWS Talk",
VpcId = vpcId
};
// Get a handle to the newly created group
var newSgResponse = client.CreateSecurityGroup(newSgRequest);
var groups = new List<string>() { newSgResponse.GroupId };
var createdSgRequest = new DescribeSecurityGroupsRequest() { GroupIds = groups };
var createdSgResponse = client.DescribeSecurityGroups(createdSgRequest);
SecurityGroup theNewGroup = createdSgResponse.SecurityGroups[0];
// Add permissions to the group
var ingressRequest = new AuthorizeSecurityGroupIngressRequest();
ingressRequest.GroupId = theNewGroup.GroupId;
ingressRequest.IpPermissions.Add(new IpPermission() { IpProtocol = "tcp", FromPort = 3389, ToPort = 3389, IpRanges = new List<string>() { "0.0.0.0/0" } }); // RDP
ingressRequest.IpPermissions.Add(new IpPermission() { IpProtocol = "tcp", FromPort = 9999, ToPort = 9999, IpRanges = new List<string>() { "0.0.0.0/0" } }); // Worker API
client.AuthorizeSecurityGroupIngress(ingressRequest);
return newSgResponse.GroupId;
}
/// <summary>
/// Initiates the asynchronous execution of the CreateSecurityGroup operation.
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the CreateSecurityGroup operation.</param>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
/// <returns>The task object representing the asynchronous operation.</returns>
public Task<CreateSecurityGroupResponse> CreateSecurityGroupAsync(CreateSecurityGroupRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var marshaller = new CreateSecurityGroupRequestMarshaller();
var unmarshaller = CreateSecurityGroupResponseUnmarshaller.Instance;
return InvokeAsync<CreateSecurityGroupRequest,CreateSecurityGroupResponse>(request, marshaller,
unmarshaller, cancellationToken);
}
/// <summary>
/// <para> The CreateSecurityGroup operation creates a new security group. </para> <para> Every instance is launched in a security group. If no
/// security group is specified during launch, the instances are launched in the default security group. Instances within the same security
/// group have unrestricted network access to each other. Instances will reject network access attempts from other instances in a different
/// security group. As the owner of instances you can grant or revoke specific permissions using the AuthorizeSecurityGroupIngress and
/// RevokeSecurityGroupIngress operations. </para>
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the CreateSecurityGroup service method on
/// AmazonEC2.</param>
///
/// <returns>The response from the CreateSecurityGroup service method, as returned by AmazonEC2.</returns>
public CreateSecurityGroupResponse CreateSecurityGroup(CreateSecurityGroupRequest request)
{
var task = CreateSecurityGroupAsync(request);
try
{
return task.Result;
}
catch(AggregateException e)
{
throw e.InnerException;
}
}
