'use strict';

// Options object handed unchanged to every client.request() call in this module.
const requestOption = { method: 'POST' };
/**
 * Looks up security groups in a VPC through a DescribeSecurityGroups request.
 *
 * @param {object} client - Client exposing `request(action, params, options)`.
 * @param {string} region - Sent as RegionId.
 * @param {string} vpcId - Sent as VpcId.
 * @param {string} [securityGroupName] - When truthy, sent as SecurityGroupName
 *   so the lookup is filtered by name; otherwise the field is omitted.
 * @returns {Promise<*>} The `SecurityGroups.SecurityGroup` member of the response.
 */
async function describeSecurityGroups(client, region, vpcId, securityGroupName) {
  const query = {
    RegionId: region,
    VpcId: vpcId,
  };

  // Only add the name filter when the caller supplied one.
  if (securityGroupName) {
    query.SecurityGroupName = securityGroupName;
  }

  const response = await client.request('DescribeSecurityGroups', query, requestOption);

  return response.SecurityGroups.SecurityGroup;
}
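/**
 * Adds one "Accept" rule to a security group through an
 * AuthorizeSecurityGroup request.
 *
 * @param {object} ecsClient - Client exposing `request(action, params, options)`.
 * @param {string} region - Sent as RegionId.
 * @param {string} securityGroupId - Sent as SecurityGroupId.
 * @param {string} protocol - Sent as IpProtocol, e.g. 'TCP' or 'ICMP'.
 * @param {string} port - Sent as PortRange, e.g. '22/22'.
 * @param {string} [sourceCidrIp='0.0.0.0/0'] - Sent as SourceCidrIp. The default
 *   keeps the previous behaviour of accepting traffic from any source address;
 *   pass a narrower CIDR for administrative ports such as SSH.
 * @returns {Promise<object>} The response returned by the client.
 */
async function authSecurityGroupRule(
  ecsClient,
  region,
  securityGroupId,
  protocol,
  port,
  sourceCidrIp = '0.0.0.0/0'
) {
  const params = {
    RegionId: region,
    SecurityGroupId: securityGroupId,
    IpProtocol: protocol,
    PortRange: port,
    Policy: 'Accept',
    // Previously hard-coded to 0.0.0.0/0 for every rule; now overridable so
    // callers can scope a rule to a known source range.
    SourceCidrIp: sourceCidrIp,
    NicType: 'intranet',
  };

  const rs = await ecsClient.request('AuthorizeSecurityGroup', params, requestOption);
  return rs;
}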
/**
 * Authorizes the fixed set of default rules (HTTP, HTTPS, ICMP, SSH) on a
 * security group, one request at a time and in list order. The first failing
 * request rejects the returned promise and the remaining rules are skipped.
 *
 * NOTE(review): authSecurityGroupRule sends SourceCidrIp '0.0.0.0/0' for every
 * rule, so SSH (22/22) is accepted from any source address along with the web
 * and ICMP rules. Confirm that is intended for a default group, or restrict
 * the SSH source range.
 *
 * @param {object} ecsClient - Client passed through to authSecurityGroupRule.
 * @param {string} region - Region passed through to authSecurityGroupRule.
 * @param {string} securityGroupId - Security group that receives the rules.
 * @returns {Promise<void>}
 */
async function authDefaultSecurityGroupRules(ecsClient, region, securityGroupId) {
  const defaultRules = [
    { protocol: 'TCP', port: '80/80' },
    { protocol: 'TCP', port: '443/443' },
    { protocol: 'ICMP', port: '-1/-1' },
    { protocol: 'TCP', port: '22/22' },
  ];

  // Sequential on purpose: each rule is awaited before the next is sent.
  for (const { protocol, port } of defaultRules) {
    await authSecurityGroupRule(ecsClient, region, securityGroupId, protocol, port);
  }
}
/**
 * Creates a security group of type 'normal' in the given VPC through a
 * CreateSecurityGroup request.
 *
 * @param {object} ecsClient - Client exposing `request(action, params, options)`.
 * @param {string} region - Sent as RegionId.
 * @param {string} vpcId - Sent as VpcId.
 * @param {string} securityGroupName - Sent as SecurityGroupName.
 * @returns {Promise<*>} The `SecurityGroupId` field of the response.
 * @throws Whatever the client rejects with; errors are not wrapped or handled here.
 */
async function createSecurityGroup(ecsClient, region, vpcId, securityGroupName) {
  const creation = {
    RegionId: region,
    SecurityGroupName: securityGroupName,
    Description: 'default security group created by fc fun',
    VpcId: vpcId,
    SecurityGroupType: 'normal',
  };

  // A rejected request propagates to the caller unchanged.
  const response = await ecsClient.request('CreateSecurityGroup', creation, requestOption);

  return response.SecurityGroupId;
}
// Public surface of this module; authSecurityGroupRule is not exported.
module.exports = {
  describeSecurityGroups,
  createSecurityGroup,
  authDefaultSecurityGroupRules,
};