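// getGroupIds converts security group names to group ids, which are needed
// for vpcs.
//
// It sends a single DescribeSecurityGroups request filtered on "group-name"
// and returns the GroupId of every group in the response, in response order.
//
// The result does not have to line up one-to-one with names. A name that
// matches no group contributes no id, and the filter carries no VPC
// constraint, so one name may match several groups (presumably when the same
// name exists in more than one VPC; confirm against the account). Callers
// that attach the returned ids to a resource should compare the result length
// with len(names) before using it, so an unresolved or ambiguous name is
// noticed instead of silently changing which groups are applied.
//
// A request error is handed to check.
func getGroupIds(client *ec2.EC2, names []string) []*string {

	// get names as array of aws.String objects
	values := make([]*string, len(names))
	for i, name := range names {
		values[i] = aws.String(name)
	}

	// request params as filter for names
	params := &ec2.DescribeSecurityGroupsInput{
		Filters: []*ec2.Filter{
			{
				Name:   aws.String("group-name"),
				Values: values,
			},
		},
	}

	// send request
	resp, err := client.DescribeSecurityGroups(params)
	check(err)

	// Collect ids into their own slice. Writing them back into values (sized
	// by len(names)) indexes out of range when more groups match than names
	// were given, and leaves raw names in the result, returned as if they
	// were ids, when fewer match.
	ids := make([]*string, 0, len(resp.SecurityGroups))
	for _, group := range resp.SecurityGroups {
		ids = append(ids, group.GroupId)
	}

	return ids
}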
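// revokeGroup revokes one ingress permission from a security group.
//
// The rule removed is identified by protocol, a single port (used as both
// FromPort and ToPort) and a CIDR range. All pointer arguments are
// dereferenced and must be non-nil.
//
// The call is idempotent: an "InvalidPermission.NotFound" error from the API
// is ignored, because it means the permission is already absent. Any other
// error panics with the original error value.
func revokeGroup(client *ec2.EC2, id *string, protocol *string, port *int, cidr *string) {

	// make the request
	params := &ec2.RevokeSecurityGroupIngressInput{
		GroupId:    aws.String(*id),
		IpProtocol: aws.String(*protocol),
		FromPort:   aws.Int64(int64(*port)),
		ToPort:     aws.Int64(int64(*port)),
		CidrIp:     aws.String(*cidr),
	}

	_, err := client.RevokeSecurityGroupIngress(params)
	if err == nil {
		return
	}

	// be idempotent, i.e. skip error if this permission does not exist in group.
	// The comma-ok assertion keeps a non-awserr error from surfacing as an
	// unrelated type-assertion panic that would hide the real failure.
	if aerr, ok := err.(awserr.Error); ok && aerr.Code() == "InvalidPermission.NotFound" {
		return
	}

	// every other failure means the rule may still be in place; do not continue
	panic(err)
}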