static void ProcessNetworkAclFromTemplate(dynamic input, CFStack stack) { NetworkAcl nacl = new NetworkAcl(); nacl.LogicalId = input.Name; nacl.Type = "AWS::EC2::NetworkAcl"; var props = input.Value["Properties"]; foreach (var prop in props) { switch ((string)prop.Name) { case "VpcId": var a = prop.Value; foreach (var item in a) { nacl.Properties.VpcId = item.Value; } break; case "Tags": break; } } stack.Resources.Add(nacl); }
static void ProcessEC2SecurityGroupIngressFromTemplate(dynamic input, CFStack stack) { EC2SecurityGroupIngress sgi = new EC2SecurityGroupIngress(); var rule = input.Value["Properties"]; //FormatProtocol - Protocol could be a number or text (e.g. 6 or tcp) sgi.IpProtocol = FormatProtocol(rule.IpProtocol.ToString()); //------------------------------------------------------------------- //FormatPortRange - Port range could be 0-0 -1-1 0-65535 string from = ""; string to = ""; FormatPortRange(rule.FromPort.ToString(), rule.ToPort.ToString(), out from, out to); sgi.FromPort = from; sgi.ToPort = to; //------------------------------------------------------------------- sgi.CidrIp = rule.CidrIp; if (rule.SourceSecurityGroupId != null) { if (rule.SourceSecurityGroupId != null) { var Ids = rule.SourceSecurityGroupId; if (Ids.Value == null) { foreach (var Id in Ids) { sgi.SourceSecurityGroupId = Id.Value; } } else { sgi.SourceSecurityGroupId = Ids.Value; } } } if (rule.GroupId != null) { sgi.GroupName = rule.GroupId["Ref"].Value; EC2SecurityGroup x = stack.Resources.Find(n => n != null && n.LogicalId == rule.GroupId["Ref"].Value); if (x != null) { x.Properties.SecurityGroupIngress.Add(sgi); } else { //TODO //Either remember and process orphaned ingress rule //Or write out to error log. MessageBox.Show("Error", "Did not find security group " + sgi.GroupName + " to add ingress rule to", MessageBoxButtons.OK, MessageBoxIcon.Error); } } }
static void ProcessIAMUserFromTemplate(dynamic input, CFStack stack) { IAMUser u = new IAMUser(); u.LogicalId = input.Name; u.Type = "AWS::IAM::User"; var props = input.Value["Properties"]; foreach (var prop in props) { switch ((string)prop.Name) { case "Path": u.Properties.Path = prop.Value; break; case "Policies": var policies = prop.Value; foreach (var policy in policies) { IAMUserPolicy pol = new IAMUserPolicy(); pol.PolicyName = (string)policy["PolicyName"]; var policyDoc = policy["PolicyDocument"]; foreach (var statementItems in policyDoc) { foreach (var statement in statementItems.Value) { IAMUserStatement us = new IAMUserStatement(); us.Action = statement.Action; us.Effect = statement.Effect; us.Resource = statement.Resource; pol.PolicyDocument.Statement.Add(us); } } u.Properties.Policies.Add(pol); } break; default: break; } } stack.Resources.Add(u); }
private void compare_BTN_Click_1(object sender, EventArgs e) { if (StackOriginal1 == null || StackOriginal2 == null) { return; } ClearRTBBackgroundColour(richTextBox1); ClearRTBBackgroundColour(richTextBox2); CompareRemoves = toolStripMenuItem_CompareRemove.Checked; StackCopy1 = StackOriginal1.DeepClone(); StackCopy2 = StackOriginal2.DeepClone(); CompareStacks(); ViewSwitch = true; SwitchView_BTN.Enabled = true; }
// ----------------------------------------------------------------------- // Template public static void ProcessTemplateResources(dynamic input, CFStack stack) { foreach (var resource in input) { string logicalId = resource.Name; switch ((string)resource.Value["Type"]) { case "AWS::IAM::User": //ProcessIAMUserFromTemplate(resource, stack); break; case "AWS::IAM::AccessKey": break; case "AWS::EC2::SecurityGroup": ProcessEC2SecurityGroupFromTemplate(resource, stack); break; case "AWS::EC2::SecurityGroupIngress": ProcessEC2SecurityGroupIngressFromTemplate(resource, stack); break; case "AWS::EC2::NetworkAcl": ProcessNetworkAclFromTemplate(resource, stack); break; case "AWS::EC2::NetworkAclEntry": ProcessNetworkAclEntryFromTemplate(resource, stack); break; default: break; } } }
private void WriteOutput(CFStack s, RichTextBox rtb, string source, string name) { rtb.Clear(); rtb.AppendText("Source: " + source); rtb.AppendText(Environment.NewLine); rtb.AppendText("Name/Path: " + name); rtb.AppendText(Environment.NewLine); rtb.AppendText(Environment.NewLine); rtb.AppendText("Decription: " + s.Description); rtb.AppendText(Environment.NewLine); rtb.AppendText("Resources"); rtb.AppendText(Environment.NewLine); foreach (var resource in s.Resources) { rtb.AppendText(tab1); rtb.AppendText(resource.LogicalId); rtb.AppendText(Environment.NewLine); rtb.AppendText(tab2); rtb.AppendText("Type: " + resource.Type); rtb.AppendText(Environment.NewLine); var properties = resource.Properties; string type = resource.Type; switch (type) { case "AWS::EC2::SecurityGroup": EC2SecurityGroup group = (EC2SecurityGroup)resource; rtb.AppendText(tab3); rtb.AppendText("Group Description: " + group.Properties.GroupDescription); rtb.AppendText(Environment.NewLine); var rules = group.Properties.SecurityGroupIngress.OrderBy(a => a.IpProtocol).ThenBy(a => a.ToPort).ThenBy(a => a.FromPort).ThenBy(a => a.CidrIp).ThenBy(a => a.SourceSecurityGroupId); foreach (var rule in rules) { if (rule.StateChanged == false) { rtb.AppendText(tab4); } else { rtb.AppendText(diffMarker); rtb.AppendText(tab3); } //Check if Protocol exists in Dictionary else use the number if (Protocols.ContainsKey(rule.IpProtocol)) { rtb.AppendText("Protocol: " + Protocols[rule.IpProtocol] + " (" + rule.IpProtocol + ") | "); } else { rtb.AppendText("Protocol: " + "Custom" + " (" + rule.IpProtocol + ") | "); } if (rule.FromPort.Equals(rule.ToPort, StringComparison.Ordinal)) { rtb.AppendText("Port Range: " + rule.FromPort + " | "); } else { rtb.AppendText("Port Range: " + rule.FromPort + "-" + rule.ToPort + " | "); } if (rule.CidrIp != null) { rtb.AppendText("Source: " + rule.CidrIp); } else { rtb.AppendText("Source: " + rule.SourceSecurityGroupId); } rtb.AppendText(Environment.NewLine); } break; case "AWS::EC2::NetworkAcl": NetworkAcl acl = (NetworkAcl)resource; rtb.AppendText(tab3); rtb.AppendText("VpcId: " + acl.Properties.VpcId); rtb.AppendText(Environment.NewLine); var aclEntry = acl.Properties.NetworkAclEntry.OrderBy(a => a.Egress).ThenBy(a => a.RuleNumber); bool egressDisplayed = false; bool ingressDisplayed = false; foreach (var rule in aclEntry) { //Rule #, Type, Protocol, Port Range, Source, Allow/Deny if (rule.Egress == false && ingressDisplayed == false) { rtb.AppendText(tab4); rtb.AppendText("Inbound Rules"); rtb.AppendText(Environment.NewLine); ingressDisplayed = true; } else if (rule.Egress == true && egressDisplayed == false) { rtb.AppendText(tab4); rtb.AppendText("Outbound Rules"); rtb.AppendText(Environment.NewLine); egressDisplayed = true; } if (rule.StateChanged == false) { rtb.AppendText(tab5); } else { rtb.AppendText(diffMarker); rtb.AppendText(tab4); } rtb.AppendText("Rule: " + rule.RuleNumber + " | "); //Check if Protocol exists in Dictionary else use the number if (Protocols.ContainsKey(rule.Protocol)) { rtb.AppendText("Protocol: " + Protocols[rule.Protocol] + " (" + rule.Protocol + ") | "); } else { rtb.AppendText("Protocol: " + "Custom" + " (" + rule.Protocol + ") | "); } //ALL ports could be 0-0 or -1 or 0-65535 if (rule.FromPort.Equals(rule.ToPort, StringComparison.Ordinal)) { if ((rule.FromPort == "0" && rule.ToPort == "0") || (rule.FromPort == "-1" && rule.ToPort == "-1")) { rtb.AppendText("Port Range: ALL | "); } else { rtb.AppendText("Port Range: " + rule.FromPort + " | "); } } else { if (rule.FromPort == "0" && rule.ToPort == "65535") { rtb.AppendText("Port Range: ALL | "); } else { rtb.AppendText("Port Range: " + rule.FromPort + "-" + rule.ToPort + " | "); } } rtb.AppendText("Source: " + rule.CidrBlock + " | "); rtb.AppendText("Allow/Deny: " + rule.RuleAction.ToUpper()); rtb.AppendText(Environment.NewLine); } break; } rtb.AppendText(Environment.NewLine); } // Highlight Textbox Lines for (int i = 0; i < rtb.Lines.Length; i++) { if (rtb.Lines[i].Contains("*")) { int selectionStart = rtb.GetFirstCharIndexFromLine(i); int selectionEnd = rtb.Lines[i].Count(); rtb.SelectionStart = selectionStart; rtb.SelectionLength = selectionEnd; rtb.SelectionBackColor = System.Drawing.Color.Yellow; } } }
private void ProcessLiveStackResourcess(ListStackResourcesResponse liveStackResources, CFStack stack, AmazonEC2Client ec2Client, Dictionary <string, string> secGroupMap, string stackName, AmazonCloudFormationClient cfClient) { foreach (StackResourceSummary liveStackResource in liveStackResources.StackResourceSummaries) { switch (liveStackResource.ResourceType) { case "AWS::EC2::SecurityGroup": AWSUtils.ProcessEC2SecurityGroupFromAWS(liveStackResource, stack, ec2Client, secGroupMap, stackName); break; case "AWS::EC2::NetworkAcl": AWSUtils.ProcessNetworkAclFromAWS(liveStackResource, stack, ec2Client, stackName); break; default: break; } } if (liveStackResources.NextToken != null) { ListStackResourcesRequest lr = new ListStackResourcesRequest(); lr.StackName = stackName; lr.NextToken = liveStackResources.NextToken; liveStackResources = cfClient.ListStackResources(lr); ProcessLiveStackResourcess(liveStackResources, stack, ec2Client, secGroupMap, stackName, cfClient); } }
//private ListStackResourcesResponse ListStackResources(string stackName, AmazonCloudFormationClient cfClient, string nextToken = null) //{ // ListStackResourcesRequest lr = new ListStackResourcesRequest(); // lr.StackName = stackName; // lr.NextToken = nextToken; // ListStackResourcesResponse liveStackResources = cfClient.ListStackResources(lr); // return liveStackResources; //} private void ProcessLiveStack(string stackName, AmazonCloudFormationClient cfClient, AmazonEC2Client ec2Client, RichTextBox rtb, CFStack stack) { Dictionary <string, string> secGroupMap = new Dictionary <string, string>(); DescribeSecurityGroupsRequest secGroupRequestAll = new DescribeSecurityGroupsRequest(); //Get all security group Id's and cf logicalId's (if any) DescribeSecurityGroupsResponse secGroupResponseAll = ec2Client.DescribeSecurityGroups(secGroupRequestAll); foreach (SecurityGroup sg in secGroupResponseAll.SecurityGroups) { string value = "none"; foreach (Amazon.EC2.Model.Tag tag in sg.Tags) { if (tag.Key.Contains("aws:cloudformation:logical-id")) { value = tag.Value; } } secGroupMap.Add(sg.GroupId, value); } //Get Live Stack DescribeStacksRequest cfRequest = new DescribeStacksRequest(); cfRequest.StackName = stackName; DescribeStacksResponse liveStack = cfClient.DescribeStacks(cfRequest); stack.Description = liveStack.Stacks[0].Description; //Get Stack Resouces //Need to use ListStackResourcesRequest to be able to get stacks with more than 100 resources ListStackResourcesRequest lr = new ListStackResourcesRequest(); lr.StackName = stackName; ListStackResourcesResponse liveStackResources = cfClient.ListStackResources(lr); ProcessLiveStackResourcess(liveStackResources, stack, ec2Client, secGroupMap, stackName, cfClient); stack.Resources.Sort((a, b) => a.LogicalId.CompareTo(b.LogicalId)); WriteOutput(stack, rtb, source1_CB.Text, templateOrStack1_TB.Text); }
private void ProcessTemplate(string jsonString, RichTextBox rtb, string path, CFStack stack) { //Stack From Template var template = JsonConvert.DeserializeObject <dynamic>(jsonString); stack.Description = template.Description; var r = template.Resources; //Process StackResources AWSUtils.ProcessTemplateResources(template.Resources, stack); stack.Resources.Sort((a, b) => a.LogicalId.CompareTo(b.LogicalId)); WriteOutput(stack, rtb, source1_CB.Text, templateOrStack1_TB.Text); }
private void Go_Window2() { if (inputsAreValid(source2_CB, profile2_CB, templateOrStack2_TB, validation2_LB)) { AmazonCloudFormationClient CFclient = null; AmazonEC2Client EC2client = null; StackOriginal2 = new CFStack(); StackCopy2 = new CFStack(); try { profileName2 = profile2_CB.Text; if (validateTemplate_CB.Checked || source2_CB.Text == "AWS") { var creds = new StoredProfileAWSCredentials(profileName2); CFclient = new AmazonCloudFormationClient(creds); EC2client = new AmazonEC2Client(creds); } switch (source2_CB.Text) { case "Template": templatePath2 = templateOrStack2_TB.Text.Trim(); using (StreamReader sr = new StreamReader(templatePath2)) { jasonString2 = sr.ReadToEnd(); if (validateTemplate_CB.Checked) { if (validateTemplate(jasonString2, CFclient)) { ProcessTemplate(jasonString2, richTextBox2, templatePath2, StackOriginal2); } } else { ProcessTemplate(jasonString2, richTextBox2, templatePath2, StackOriginal2); } } break; case "AWS": stackName2 = templateOrStack2_TB.Text.Trim(); ProcessLiveStack(stackName2, CFclient, EC2client, richTextBox2, StackOriginal2); break; } profileName2 = profile2_CB.Text.Trim(); } catch (Exception ex) { richTextBox2.Text = ex.Message; } finally { if (CFclient != null) { CFclient.Dispose(); } if (EC2client != null) { EC2client.Dispose(); } } } }
static void ProcessNetworkAclEntryFromTemplate(dynamic input, CFStack stack) { NetworkAclEntry ne = new NetworkAclEntry(); var rule = input.Value["Properties"]; ne.Protocol = rule.Protocol; ne.CidrBlock = rule.CidrBlock; ne.Egress = (bool)rule.Egress; ne.RuleNumber = rule.RuleNumber; ne.RuleAction = rule.RuleAction; if (rule.NetworkAclId != null) { var a = rule.NetworkAclId; foreach (var item in a) { ne.NetworkAclId = item.Value; } } if (rule.PortRange != null) { var range = rule.PortRange; foreach (var item in range) { if (item.Name == "To") { if (item.Value == "-1") { ne.ToPort = "ALL"; } else { ne.ToPort = item.Value; } } if (item.Name == "From") { if (item.Value == "-1") { ne.ToPort = "ALL"; } else { ne.FromPort = item.Value; } } } } else //If port range is not specified in the template then AWS sets it to ALL { ne.FromPort = "ALL"; ne.ToPort = "ALL"; } //Format PortRange string from = ""; string to = ""; FormatPortRange(ne.FromPort, ne.ToPort, out from, out to); ne.FromPort = from; ne.ToPort = to; if (rule.Icmp != null) { //May not be needed } if (ne.NetworkAclId != null) { NetworkAcl x = stack.Resources.Find(n => n != null && n.LogicalId == ne.NetworkAclId); if (x != null) { x.Properties.NetworkAclEntry.Add(ne); } else { //TODO //Either remember and process orphaned ingress rule //Or write out to error log. MessageBox.Show("Error", "Did not find NACL " + ne.NetworkAclId + " to add entry to", MessageBoxButtons.OK, MessageBoxIcon.Error); } } }
public static void ProcessEC2SecurityGroupFromAWS(StackResourceSummary resource, CFStack stack, AmazonEC2Client ec2Client, Dictionary <string, string> secGroupMap, string stackName) { DescribeSecurityGroupsRequest secGroupRequest = new DescribeSecurityGroupsRequest(); //Set request to use Phisical Id secGroupRequest.GroupIds = new List <string> { resource.PhysicalResourceId }; //Attempt to get security group using physical Id DescribeSecurityGroupsResponse response = GetSecurityGroup(ec2Client, secGroupRequest); if (response == null) { //Set request to use Logical Id and Stack Name Tags secGroupRequest.GroupIds.Clear(); List <Filter> f = new List <Filter>(); f.Add(new Filter { Name = "tag:aws:cloudformation:logical-id", Values = new List <string>() { resource.LogicalResourceId } }); f.Add(new Filter { Name = "tag:aws:cloudformation:stack-name", Values = new List <string>() { stackName } }); secGroupRequest.Filters = f; //Attempt to get security group using logical Id response = GetSecurityGroup(ec2Client, secGroupRequest); } if (response == null | response.SecurityGroups.Count == 0) { return; } foreach (SecurityGroup group in response.SecurityGroups) { EC2SecurityGroup sg = new EC2SecurityGroup(); sg.LogicalId = resource.LogicalResourceId; if (log) { Utils.WriteToFile(logFile, "AWS SG: " + sg.LogicalId.ToString(), true); } sg.Type = "AWS::EC2::SecurityGroup"; sg.Properties.GroupDescription = group.Description; sg.Properties.VpcId = group.VpcId; foreach (IpPermission perms in group.IpPermissions) { for (int i = 0; i < perms.IpRanges.Count; i++) { EC2SecurityGroupIngress sgi = new EC2SecurityGroupIngress(); //FormatProtocol - Protocol could be a number or text (e.g. 6 or tcp) sgi.IpProtocol = FormatProtocol(perms.IpProtocol); //-------------------------------------------------------------------- //FormatPortRange - Port range could be 0-0 -1-1 0-65535 string from = ""; string to = ""; FormatPortRange(perms.FromPort.ToString(), perms.ToPort.ToString(), out from, out to); sgi.FromPort = from; sgi.ToPort = to; //------------------------------------------------------ sgi.CidrIp = perms.IpRanges[i]; sg.Properties.SecurityGroupIngress.Add(sgi); if (log) { Utils.WriteToFile(logFile, " Protocol: " + perms.IpProtocol + " | From: " + perms.FromPort.ToString() + " To: " + perms.ToPort.ToString(), true); } } for (int i = 0; i < perms.UserIdGroupPairs.Count; i++) { EC2SecurityGroupIngress sgi = new EC2SecurityGroupIngress(); //FormatProtocol - Protocol could be a number or text (e.g. 6 or tcp) sgi.IpProtocol = FormatProtocol(perms.IpProtocol); //-------------------------------------------------------------------- //FormatPortRange - Port range could be 0-0 -1-1 0-65535 string from = ""; string to = ""; FormatPortRange(perms.FromPort.ToString(), perms.ToPort.ToString(), out from, out to); sgi.FromPort = from; sgi.ToPort = to; //------------------------------------------------------- sg.Properties.SecurityGroupIngress.Add(sgi); string groupName; if (secGroupMap.TryGetValue(perms.UserIdGroupPairs[i].GroupId, out groupName)) { sgi.SourceSecurityGroupId = groupName; } else { sgi.SourceSecurityGroupId = perms.UserIdGroupPairs[i].GroupId; } if (log) { Utils.WriteToFile(logFile, " Protocol: " + perms.IpProtocol + " | From: " + perms.FromPort.ToString() + " To: " + perms.ToPort.ToString(), true); } } } stack.Resources.Add(sg); } }
// ----------------------------------------------------------------------- // Live Stack public static void ProcessNetworkAclFromAWS(StackResourceSummary resource, CFStack stack, AmazonEC2Client ec2Client, string stackName) { DescribeNetworkAclsRequest naclRequest = new DescribeNetworkAclsRequest(); naclRequest.NetworkAclIds = new List <string> { resource.PhysicalResourceId }; DescribeNetworkAclsResponse response = ec2Client.DescribeNetworkAcls(naclRequest); foreach (Amazon.EC2.Model.NetworkAcl nacl in response.NetworkAcls) { NetworkAcl n = new NetworkAcl(); n.LogicalId = resource.LogicalResourceId; if (log) { Utils.WriteToFile(logFile, "AWS NACL: " + n.LogicalId.ToString(), true); } n.Type = "AWS::EC2::NetworkAcl"; n.Properties.VpcId = nacl.VpcId; foreach (Amazon.EC2.Model.NetworkAclEntry e in nacl.Entries) { NetworkAclEntry ne = new NetworkAclEntry(); ne.RuleNumber = e.RuleNumber.ToString(); ne.CidrBlock = e.CidrBlock; ne.Egress = e.Egress; if (e.PortRange == null) { ne.FromPort = "ALL"; ne.ToPort = "ALL"; } else { //FormatPortRange - Port range could be 0-0 -1-1 0-65535 string from = ""; string to = ""; FormatPortRange(e.PortRange.From.ToString(), e.PortRange.To.ToString(), out from, out to); ne.FromPort = from; ne.ToPort = to; //------------------------------------------------------ } //FormatProtocol - Protocol could be a number or text (e.g. 6 or tcp) ne.Protocol = FormatProtocol(e.Protocol); //------------------------------------------------------------------- ne.RuleAction = e.RuleAction; //ICMP not included. n.Properties.NetworkAclEntry.Add(ne); if (e.PortRange == null) { if (log) { Utils.WriteToFile(logFile, ne.RuleNumber + " Protocol: " + e.Protocol + " | From: " + "null" + " To: " + "null", true); } } else { if (log) { Utils.WriteToFile(logFile, ne.RuleNumber + " Protocol: " + e.Protocol + " | From: " + e.PortRange.From.ToString() + " To: " + e.PortRange.To.ToString(), true); } } } stack.Resources.Add(n); } }
static void ProcessEC2SecurityGroupFromTemplate(dynamic input, CFStack stack) { EC2SecurityGroup sg = new EC2SecurityGroup(); sg.LogicalId = input.Name; sg.Type = "AWS::EC2::SecurityGroup"; var props = input.Value["Properties"]; foreach (var prop in props) { //Attempt to deal with values that are calculated using CloudFormation functions like Join. if (prop.Value.ToString().Contains("Fn::")) { prop.Value = "Calulated value"; } switch ((string)prop.Name) { case "GroupDescription": sg.Properties.GroupDescription = prop.Value.ToString(); break; case "VpcId": var a = prop.Value; sg.Properties.VpcId = a.Value; break; case "Tags": break; case "SecurityGroupIngress": var ingressRules = prop.Value; foreach (var rule in ingressRules) { EC2SecurityGroupIngress sgi = new EC2SecurityGroupIngress(); //FormatProtocol - Protocol could be a number or text (e.g. 6 or tcp) sgi.IpProtocol = FormatProtocol(rule.IpProtocol.ToString()); //------------------------------------------------------------------- //FormatPortRange - Port range could be 0-0 -1-1 0-65535 string from = ""; string to = ""; FormatPortRange(rule.FromPort.ToString(), rule.ToPort.ToString(), out from, out to); sgi.FromPort = from; sgi.ToPort = to; //------------------------------------------------------- sgi.CidrIp = rule.CidrIp; if (rule.SourceSecurityGroupId != null) { var Ids = rule.SourceSecurityGroupId; foreach (var Id in Ids) { sgi.SourceSecurityGroupId = Id.Value; } } sg.Properties.SecurityGroupIngress.Add(sgi); } break; } } stack.Resources.Add(sg); }
private void CompareNetworkAcl(NetworkAcl originalResource1, NetworkAcl originalResource2, NetworkAcl copyResource, CFStack copyStack) { List <NetworkAclEntry> compareList = copyResource.Properties.NetworkAclEntry; foreach (NetworkAclEntry x in originalResource1.Properties.NetworkAclEntry) { //Note NetworkAclId is always null for AWS stack resource var y = originalResource2.Properties.NetworkAclEntry.Find(n => n != null && n.RuleNumber == x.RuleNumber && n.RuleAction == x.RuleAction && n.Egress.ToString() == x.Egress.ToString() && n.CidrBlock == x.CidrBlock && n.FromPort == x.FromPort && n.ToPort == x.ToPort && n.Protocol == x.Protocol); if (y == null) { if (CompareRemoves == false) { var z = copyResource.Properties.NetworkAclEntry.Find(n => n != null && n.RuleNumber == x.RuleNumber && n.RuleAction == x.RuleAction && n.Egress.ToString() == x.Egress.ToString() && n.CidrBlock == x.CidrBlock && n.FromPort == x.FromPort && n.ToPort == x.ToPort && n.Protocol == x.Protocol); if (z != null) { z.StateChanged = true; } } } else { if (CompareRemoves == true) { var z = copyResource.Properties.NetworkAclEntry.Find(n => n != null && n.RuleNumber == x.RuleNumber && n.RuleAction == x.RuleAction && n.Egress.ToString() == x.Egress.ToString() && n.CidrBlock == x.CidrBlock && n.FromPort == x.FromPort && n.ToPort == x.ToPort && n.Protocol == x.Protocol); if (z != null) { compareList.Remove(z); } } } } if (copyResource.Properties.NetworkAclEntry.Count() == 0) { copyStack.Resources.Remove(copyResource); } }
private void CompareSecurityGroups(EC2SecurityGroup originalResource1, EC2SecurityGroup originalResource2, EC2SecurityGroup copyResource, CFStack copyStack) { List <EC2SecurityGroupIngress> compareList = copyResource.Properties.SecurityGroupIngress; foreach (EC2SecurityGroupIngress x in originalResource1.Properties.SecurityGroupIngress) { var y = originalResource2.Properties.SecurityGroupIngress.Find(n => n != null && n.CidrIp == x.CidrIp && n.FromPort == x.FromPort && n.ToPort == x.ToPort && n.IpProtocol == x.IpProtocol && n.SourceSecurityGroupId == x.SourceSecurityGroupId); if (y == null) { if (CompareRemoves == false) { var z = copyResource.Properties.SecurityGroupIngress.Find(n => n != null && n.CidrIp == x.CidrIp && n.FromPort == x.FromPort && n.ToPort == x.ToPort && n.IpProtocol == x.IpProtocol && n.SourceSecurityGroupId == x.SourceSecurityGroupId); if (z != null) { z.StateChanged = true; } } } else { if (CompareRemoves == true) { var z = copyResource.Properties.SecurityGroupIngress.Find(n => n != null && n.CidrIp == x.CidrIp && n.FromPort == x.FromPort && n.ToPort == x.ToPort && n.IpProtocol == x.IpProtocol && n.SourceSecurityGroupId == x.SourceSecurityGroupId); if (z != null) { copyResource.Properties.SecurityGroupIngress.Remove(z); } } } } if (copyResource.Properties.SecurityGroupIngress.Count() == 0) { copyStack.Resources.Remove(copyResource); } }
private void Go_Window1() { if (inputsAreValid(source1_CB, profile1_CB, templateOrStack1_TB, validation1_LB)) { AmazonCloudFormationClient CFclient = null; AmazonEC2Client EC2client = null; StackOriginal1 = new CFStack(); StackCopy1 = new CFStack(); try { profileName1 = profile1_CB.Text; if (validateTemplate_CB.Checked || source1_CB.Text == "AWS") { var creds = new StoredProfileAWSCredentials(profileName1); CFclient = new AmazonCloudFormationClient(creds); EC2client = new AmazonEC2Client(creds); } switch (source1_CB.Text) { case "Template": templatePath1 = templateOrStack1_TB.Text.Trim(); using (StreamReader sr = new StreamReader(templatePath1)) { jasonString1 = sr.ReadToEnd(); if (validateTemplate_CB.Checked) { if (validateTemplate(jasonString1, CFclient)) { ProcessTemplate(jasonString1, richTextBox1, templatePath1, StackOriginal1); } } else { ProcessTemplate(jasonString1, richTextBox1, templatePath1, StackOriginal1); } } break; case "AWS": stackName1 = templateOrStack1_TB.Text.Trim(); ProcessLiveStack(stackName1, CFclient, EC2client, richTextBox1, StackOriginal1); break; } profileName1 = profile1_CB.Text.Trim(); } catch (Exception ex) { richTextBox1.Text = ex.Message + Environment.NewLine + ex.StackTrace; } finally { if (CFclient != null) { CFclient.Dispose(); } if (EC2client != null) { EC2client.Dispose(); } } } }