func groups(c cmd, conn *ec2.EC2, _ []string) {
resp, err := conn.SecurityGroups(nil, nil)
check(err, "list groups")
var b bytes.Buffer
printf := func(f string, a ...interface{}) {
fmt.Fprintf(&b, f, a...)
}
for _, g := range resp.Groups {
switch {
case groupsFlags.vv:
printf("%s:%s %s %q\n", g.OwnerId, g.Name, g.Id, g.Description)
for _, p := range g.IPPerms {
printf("\t")
printf("\t-proto %s -from %d -to %d", p.Protocol, p.FromPort, p.ToPort)
for _, g := range p.SourceGroups {
printf(" %s", g.Id)
}
for _, ip := range p.SourceIPs {
printf(" %s", ip)
}
printf("\n")
}
case groupsFlags.v:
printf("%s %s %q\n", g.Name, g.Id, g.Description)
case groupsFlags.ids:
printf("%s\n", g.Id)
default:
printf("%s\n", g.Name)
}
}
os.Stdout.Write(b.Bytes())
}
// createGroup creates a new EC2 group and returns it. If it already exists,
// it revokes all its permissions and returns the existing group.
func createGroup(c *C, ec2conn *amzec2.EC2, name, descr string) amzec2.SecurityGroup {
resp, err := ec2conn.CreateSecurityGroup(name, descr)
if err == nil {
return resp.SecurityGroup
}
if err.(*amzec2.Error).Code != "InvalidGroup.Duplicate" {
c.Fatalf("cannot make group %q: %v", name, err)
}
// Found duplicate group, so revoke its permissions and return it.
gresp, err := ec2conn.SecurityGroups(amzec2.SecurityGroupNames(name), nil)
c.Assert(err, IsNil)
gi := gresp.Groups[0]
if len(gi.IPPerms) > 0 {
_, err = ec2conn.RevokeSecurityGroup(gi.SecurityGroup, gi.IPPerms)
c.Assert(err, IsNil)
}
return gi.SecurityGroup
}