'use strict';

// Generator-to-Promise driver in the form the TypeScript compiler emits for
// `async` functions. It runs `generator` with `thisArg`/`_arguments`, resolves
// each yielded value through the promise constructor `P` (native Promise when
// none is given) and feeds the outcome back into the generator.
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    var PromiseCtor = P || (P = Promise);
    return new PromiseCtor(function (resolve, reject) {
        // Settle the outer promise when the generator is done; otherwise wait
        // for the yielded value and resume with its result.
        function settle(result) {
            if (result.done) {
                resolve(result.value);
                return;
            }
            new P(function (resolveInner) { resolveInner(result.value); }).then(onFulfilled, onRejected);
        }
        // Resume the generator with a fulfilled value.
        function onFulfilled(value) {
            try {
                settle(generator.next(value));
            }
            catch (err) {
                reject(err);
            }
        }
        // Throw a rejection reason into the generator so its try/catch can see it.
        function onRejected(reason) {
            try {
                settle(generator["throw"](reason));
            }
            catch (err) {
                reject(err);
            }
        }
        generator = generator.apply(thisArg, _arguments || []);
        settle(generator.next());
    });
};
// Options object passed as the third argument of every `request()` call in
// this file; it only fixes the HTTP method.
const requestOption = { method: 'POST' };
/**
 * Queries the security groups of a VPC through the `DescribeSecurityGroups`
 * action.
 *
 * @param client - API client exposing `request(action, params, options)`.
 * @param region - Value sent as `RegionId`.
 * @param vpcId - Value sent as `VpcId`.
 * @param [securityGroupName] - When truthy, sent as `SecurityGroupName`.
 * @returns {Promise<*>} Resolves with `SecurityGroups.SecurityGroup` taken
 *   from the response.
 */
function describeSecurityGroups(client, region, vpcId, securityGroupName) {
    return __awaiter(this, void 0, void 0, function* () {
        const query = { 'RegionId': region, 'VpcId': vpcId };
        // The name filter is only sent when the caller supplied one.
        if (securityGroupName) {
            query['SecurityGroupName'] = securityGroupName;
        }
        const response = yield client.request('DescribeSecurityGroups', query, requestOption);
        // A response without `SecurityGroups` makes this property access throw,
        // which rejects the returned promise.
        return response.SecurityGroups.SecurityGroup;
    });
}
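/**
 * Adds one inbound `Accept` rule to a security group through the
 * `AuthorizeSecurityGroup` action.
 *
 * Security note: the source range used to be hard-coded to `0.0.0.0/0`, which
 * matches every IPv4 address. It is now a parameter; the old value is kept as
 * the default so existing callers behave as before. Pass a narrower range
 * wherever the rule does not need to be reachable from everywhere.
 *
 * @param ecsClient - API client exposing `request(action, params, options)`.
 * @param region - Value sent as `RegionId`.
 * @param securityGroupId - Value sent as `SecurityGroupId`.
 * @param protocol - Value sent as `IpProtocol`.
 * @param port - Value sent as `PortRange`, in `start/end` form.
 * @param {string} [sourceCidrIp='0.0.0.0/0'] - Value sent as `SourceCidrIp`.
 * @returns {Promise<*>} Resolves with the response of the request. Rejects
 *   with a `TypeError` when `sourceCidrIp` is not a non-empty string.
 */
function authSecurityGroupRule(ecsClient, region, securityGroupId, protocol, port, sourceCidrIp = '0.0.0.0/0') {
    return __awaiter(this, void 0, void 0, function* () {
        // Only an omitted argument falls back to the default. An explicit
        // null or empty value is rejected instead of silently widening the
        // rule to every address.
        if (typeof sourceCidrIp !== 'string' || sourceCidrIp.trim() === '') {
            throw new TypeError('sourceCidrIp must be a non-empty CIDR string');
        }
        const params = {
            'RegionId': region,
            'SecurityGroupId': securityGroupId,
            'IpProtocol': protocol,
            'PortRange': port,
            'Policy': 'Accept',
            'SourceCidrIp': sourceCidrIp,
            // NOTE(review): 'intranet' should not be read as "private traffic
            // only". For VPC-type groups this appears to be the only accepted
            // value, so the source range above is what actually limits who can
            // connect - confirm against the provider's API reference.
            'NicType': 'intranet'
        };
        return yield ecsClient.request('AuthorizeSecurityGroup', params, requestOption);
    });
}

/**
 * Authorizes the default inbound rule set on a security group: TCP 80,
 * TCP 443, ICMP and TCP 22, one request per rule, issued in that order.
 *
 * Security note: when `sourceCidrIp` is omitted every rule, including SSH on
 * port 22, accepts traffic from `0.0.0.0/0`. Callers that do not need
 * world-reachable SSH or ICMP should pass a restricted range here, or tighten
 * the rules after the group is created. The same range is applied to all four
 * rules.
 *
 * @param ecsClient - API client exposing `request(action, params, options)`.
 * @param region - Value sent as `RegionId`.
 * @param securityGroupId - Group that receives the rules.
 * @param {string} [sourceCidrIp] - Source range for every rule; defaults to
 *   `0.0.0.0/0` when omitted.
 * @returns {Promise<void>} Resolves once all rules were requested. A failing
 *   request rejects immediately and leaves the earlier rules in place.
 */
function authDefaultSecurityGroupRules(ecsClient, region, securityGroupId, sourceCidrIp) {
    return __awaiter(this, void 0, void 0, function* () {
        const sgRules = [
            { protocol: 'TCP', port: '80/80' },
            { protocol: 'TCP', port: '443/443' },
            { protocol: 'ICMP', port: '-1/-1' },
            { protocol: 'TCP', port: '22/22' }
        ];
        for (const rule of sgRules) {
            yield authSecurityGroupRule(ecsClient, region, securityGroupId, rule.protocol, rule.port, sourceCidrIp);
        }
    });
}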
/**
 * Creates a security group of type `normal` in a VPC through the
 * `CreateSecurityGroup` action.
 *
 * @param ecsClient - API client exposing `request(action, params, options)`.
 * @param region - Value sent as `RegionId`.
 * @param vpcId - Value sent as `VpcId`.
 * @param securityGroupName - Value sent as `SecurityGroupName`.
 * @returns {Promise<*>} Resolves with `SecurityGroupId` from the response; a
 *   failed request rejects with the client's error unchanged.
 */
function createSecurityGroup(ecsClient, region, vpcId, securityGroupName) {
    return __awaiter(this, void 0, void 0, function* () {
        const request = {
            'RegionId': region,
            'SecurityGroupName': securityGroupName,
            'Description': 'default security group created by fc fun',
            'VpcId': vpcId,
            'SecurityGroupType': 'normal'
        };
        // Errors from the client propagate as-is; no wrapping is applied.
        const response = yield ecsClient.request('CreateSecurityGroup', request, requestOption);
        return response.SecurityGroupId;
    });
}
// Public surface of this module. `authSecurityGroupRule` is not exported; it is
// only reachable through `authDefaultSecurityGroupRules`.
module.exports = {
    describeSecurityGroups: describeSecurityGroups,
    createSecurityGroup: createSecurityGroup,
    authDefaultSecurityGroupRules: authDefaultSecurityGroupRules
};