private static void AddRuleWithIPAddress(ISecurityGroup sg, SecurityGroupRuleOptions securitygroupRuleOptions, SecurityGroupRuleType securityGroupRuleType) { if (securityGroupRuleType == SecurityGroupRuleType.IngressRule) { sg.AddIngressRule(Peer.Ipv4(securitygroupRuleOptions.IpAddress), Port.TcpRange(securitygroupRuleOptions.PortRangeStart.Value, securitygroupRuleOptions.PortRangeEnd.Value), securitygroupRuleOptions.Description); } else { sg.AddEgressRule(Peer.Ipv4(securitygroupRuleOptions.IpAddress), Port.TcpRange(securitygroupRuleOptions.PortRangeStart.Value, securitygroupRuleOptions.PortRangeEnd.Value), securitygroupRuleOptions.Description); } }
private static void CheckSecurityGroupIngressRulesParams(SecurityGroupRuleOptions ingressRule, bool securityGroupIdIsEmpty, bool ipAddressIsEmpty, SecurityGroupRuleType securityGroupRuleType) { var typeRule = securityGroupRuleType == SecurityGroupRuleType.IngressRule ? "ingress" : "egress"; if (securityGroupIdIsEmpty && ipAddressIsEmpty) { throw new ArgumentException($"An {typeRule} rule must contain either a security group id or an IP address"); } if (!securityGroupIdIsEmpty && !ipAddressIsEmpty) { throw new ArgumentException($"An {typeRule} rule cannot contain both a security group id and an IP address"); } if (ingressRule.Port == null && ingressRule.PortRangeStart == null && ingressRule.PortRangeEnd == null) { throw new ArgumentException($"An {typeRule} rule must contain either a Port or a Port Range"); } }
private void AddRuleWithEMptyIPAddress(SecurityGroupOptions securityGroup, ISecurityGroup sg, SecurityGroupRuleOptions securitygroupRuleOptions, SecurityGroupRuleType securityGroupRuleType) { var securityGroupAllowed = LocateSecurityGroup(securitygroupRuleOptions.SecurityGroupId, $"The security group id {securitygroupRuleOptions.SecurityGroupId} was found in the list of ingress rules of the security group {securityGroup.SecurityGroupName}, that security group does not exist"); if (securityGroupRuleType == SecurityGroupRuleType.IngressRule) { sg.AddIngressRule(securityGroupAllowed, Port.TcpRange(securitygroupRuleOptions.PortRangeStart.Value, securitygroupRuleOptions.PortRangeEnd.Value), securitygroupRuleOptions.Description); } else { sg.AddEgressRule(securityGroupAllowed, Port.TcpRange(securitygroupRuleOptions.PortRangeStart.Value, securitygroupRuleOptions.PortRangeEnd.Value), securitygroupRuleOptions.Description); } }
private void CheckPortRangeStart(SecurityGroupOptions securityGroup, ISecurityGroup sg, SecurityGroupRuleOptions securitygroupRuleOptions, bool ipAddressIsEmpty, SecurityGroupRuleType securityGroupRuleType) { if ((securitygroupRuleOptions.PortRangeStart != null || securitygroupRuleOptions.PortRangeEnd != null) && (securitygroupRuleOptions.PortRangeStart == null || securitygroupRuleOptions.PortRangeEnd == null)) { throw new ArgumentException("A Port Range must specify both a start port and an end port"); } else { if (securitygroupRuleOptions.PortRangeStart != null && securitygroupRuleOptions.PortRangeEnd != null) { if (ipAddressIsEmpty) { AddRuleWithEMptyIPAddress(securityGroup, sg, securitygroupRuleOptions, securityGroupRuleType); } else { AddRuleWithIPAddress(sg, securitygroupRuleOptions, securityGroupRuleType); } } } }
private void CheckIngresPortAndIPAdress(SecurityGroupOptions securityGroup, ISecurityGroup sg, SecurityGroupRuleOptions ingressRule, bool ipAddressIsEmpty, SecurityGroupRuleType securityGroupRuleType) { if (ingressRule.Port != null) { if (ipAddressIsEmpty) { var securityGroupAllowed = LocateSecurityGroup(ingressRule.SecurityGroupId, $"The security group id {ingressRule.SecurityGroupId} was found in the list of ingress rules of the security group {securityGroup.SecurityGroupName}, that security group does not exist"); if (securityGroupRuleType == SecurityGroupRuleType.IngressRule) { sg.AddIngressRule(securityGroupAllowed, Port.Tcp(ingressRule.Port.Value), ingressRule.Description); } else { sg.AddEgressRule(securityGroupAllowed, Port.Tcp(ingressRule.Port.Value), ingressRule.Description); } } else { if (securityGroupRuleType == SecurityGroupRuleType.IngressRule) { sg.AddIngressRule(Peer.Ipv4(ingressRule.IpAddress), Port.Tcp(ingressRule.Port.Value), ingressRule.Description); } else { sg.AddEgressRule(Peer.Ipv4(ingressRule.IpAddress), Port.Tcp(ingressRule.Port.Value), ingressRule.Description); } } } }