func main() { // cmdline options versionFlag := flag.Bool("v", false, "show version and exit") cidr := flag.String("c", "", "set a specific cidr block (default: current public ip)") protocol := flag.String("P", "TCP", "protocol to allow (default: TCP)") port := flag.Int("p", 22, "port number to allow (default: 22)") revoke := flag.Bool("r", false, "revoke access from security groups (default: false)") flag.Parse() // show version and exit if *versionFlag { fmt.Printf("let-me-in %v\n", VERSION) return } // if cidr not given get ip from external service if *cidr == "" { ident := os.Getenv("LMI_IDENT_URL") if ident == "" { ident = "http://ident.me/" } ip := getMyIp(ident) + "/32" cidr = &ip } // configure aws-sdk from AWS_* env vars client := ec2.New(&aws.Config{}) // get security group names and any command to exec after '--' groups, cmd := parseArgs(flag.Args()) // convert security group names to ids for vpc ids := getGroupIds(client, groups) // revoke on -r option if *revoke { revokeGroups(client, ids, protocol, port, cidr) } else { authorizeGroups(client, ids, protocol, port, cidr) // exec any command after '--', then revoke if cmd != nil { c := exec.Command(cmd[0], cmd[1:]...) c.Stdout = os.Stdout c.Stdin = os.Stdin c.Stderr = os.Stderr err := c.Run() if err != nil { fmt.Println(err) // show err and keep running so we hit revoke below } revokeGroups(client, ids, protocol, port, cidr) } } }
func TestCopySnapshotPresignedURL(t *testing.T) { svc := ec2.New(&aws.Config{Region: aws.String("us-west-2")}) assert.NotPanics(t, func() { // Doesn't panic on nil input req, _ := svc.CopySnapshotRequest(nil) req.Sign() }) req, _ := svc.CopySnapshotRequest(&ec2.CopySnapshotInput{ SourceRegion: aws.String("us-west-1"), SourceSnapshotId: aws.String("snap-id"), }) req.Sign() b, _ := ioutil.ReadAll(req.HTTPRequest.Body) q, _ := url.ParseQuery(string(b)) url, _ := url.QueryUnescape(q.Get("PresignedUrl")) assert.Equal(t, "us-west-2", q.Get("DestinationRegion")) assert.Regexp(t, `^https://ec2\.us-west-1\.amazon.+&DestinationRegion=us-west-2`, url) }
func TestInterface(t *testing.T) { assert.Implements(t, (*ec2iface.EC2API)(nil), ec2.New(nil)) }