github.com/gophercloud/gophercloud@v1.11.0/openstack/compute/v2/extensions/secgroups/requests.go (about) 1 package secgroups 2 3 import ( 4 "github.com/gophercloud/gophercloud" 5 "github.com/gophercloud/gophercloud/pagination" 6 ) 7 8 func commonList(client *gophercloud.ServiceClient, url string) pagination.Pager { 9 return pagination.NewPager(client, url, func(r pagination.PageResult) pagination.Page { 10 return SecurityGroupPage{pagination.SinglePageBase(r)} 11 }) 12 } 13 14 // List will return a collection of all the security groups for a particular 15 // tenant. 16 func List(client *gophercloud.ServiceClient) pagination.Pager { 17 return commonList(client, rootURL(client)) 18 } 19 20 // ListByServer will return a collection of all the security groups which are 21 // associated with a particular server. 22 func ListByServer(client *gophercloud.ServiceClient, serverID string) pagination.Pager { 23 return commonList(client, listByServerURL(client, serverID)) 24 } 25 26 // CreateOpts is the struct responsible for creating a security group. 27 type CreateOpts struct { 28 // the name of your security group. 29 Name string `json:"name" required:"true"` 30 // the description of your security group. 31 Description string `json:"description,omitempty"` 32 } 33 34 // CreateOptsBuilder allows extensions to add additional parameters to the 35 // Create request. 36 type CreateOptsBuilder interface { 37 ToSecGroupCreateMap() (map[string]interface{}, error) 38 } 39 40 // ToSecGroupCreateMap builds a request body from CreateOpts. 41 func (opts CreateOpts) ToSecGroupCreateMap() (map[string]interface{}, error) { 42 return gophercloud.BuildRequestBody(opts, "security_group") 43 } 44 45 // Create will create a new security group. 46 func Create(client *gophercloud.ServiceClient, opts CreateOptsBuilder) (r CreateResult) { 47 b, err := opts.ToSecGroupCreateMap() 48 if err != nil { 49 r.Err = err 50 return 51 } 52 resp, err := client.Post(rootURL(client), b, &r.Body, &gophercloud.RequestOpts{ 53 OkCodes: []int{200}, 54 }) 55 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 56 return 57 } 58 59 // UpdateOpts is the struct responsible for updating an existing security group. 60 type UpdateOpts struct { 61 // the name of your security group. 62 Name string `json:"name,omitempty"` 63 // the description of your security group. 64 Description *string `json:"description,omitempty"` 65 } 66 67 // UpdateOptsBuilder allows extensions to add additional parameters to the 68 // Update request. 69 type UpdateOptsBuilder interface { 70 ToSecGroupUpdateMap() (map[string]interface{}, error) 71 } 72 73 // ToSecGroupUpdateMap builds a request body from UpdateOpts. 74 func (opts UpdateOpts) ToSecGroupUpdateMap() (map[string]interface{}, error) { 75 return gophercloud.BuildRequestBody(opts, "security_group") 76 } 77 78 // Update will modify the mutable properties of a security group, notably its 79 // name and description. 80 func Update(client *gophercloud.ServiceClient, id string, opts UpdateOptsBuilder) (r UpdateResult) { 81 b, err := opts.ToSecGroupUpdateMap() 82 if err != nil { 83 r.Err = err 84 return 85 } 86 resp, err := client.Put(resourceURL(client, id), b, &r.Body, &gophercloud.RequestOpts{ 87 OkCodes: []int{200}, 88 }) 89 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 90 return 91 } 92 93 // Get will return details for a particular security group. 94 func Get(client *gophercloud.ServiceClient, id string) (r GetResult) { 95 resp, err := client.Get(resourceURL(client, id), &r.Body, nil) 96 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 97 return 98 } 99 100 // Delete will permanently delete a security group from the project. 101 func Delete(client *gophercloud.ServiceClient, id string) (r DeleteResult) { 102 resp, err := client.Delete(resourceURL(client, id), nil) 103 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 104 return 105 } 106 107 // CreateRuleOpts represents the configuration for adding a new rule to an 108 // existing security group. 109 type CreateRuleOpts struct { 110 // ID is the ID of the group that this rule will be added to. 111 ParentGroupID string `json:"parent_group_id" required:"true"` 112 113 // FromPort is the lower bound of the port range that will be opened. 114 // Use -1 to allow all ICMP traffic. 115 FromPort int `json:"from_port"` 116 117 // ToPort is the upper bound of the port range that will be opened. 118 // Use -1 to allow all ICMP traffic. 119 ToPort int `json:"to_port"` 120 121 // IPProtocol the protocol type that will be allowed, e.g. TCP. 122 IPProtocol string `json:"ip_protocol" required:"true"` 123 124 // CIDR is the network CIDR to allow traffic from. 125 // This is ONLY required if FromGroupID is blank. This represents the IP 126 // range that will be the source of network traffic to your security group. 127 // Use 0.0.0.0/0 to allow all IP addresses. 128 CIDR string `json:"cidr,omitempty" or:"FromGroupID"` 129 130 // FromGroupID represents another security group to allow access. 131 // This is ONLY required if CIDR is blank. This value represents the ID of a 132 // group that forwards traffic to the parent group. So, instead of accepting 133 // network traffic from an entire IP range, you can instead refine the 134 // inbound source by an existing security group. 135 FromGroupID string `json:"group_id,omitempty" or:"CIDR"` 136 } 137 138 // CreateRuleOptsBuilder allows extensions to add additional parameters to the 139 // CreateRule request. 140 type CreateRuleOptsBuilder interface { 141 ToRuleCreateMap() (map[string]interface{}, error) 142 } 143 144 // ToRuleCreateMap builds a request body from CreateRuleOpts. 145 func (opts CreateRuleOpts) ToRuleCreateMap() (map[string]interface{}, error) { 146 return gophercloud.BuildRequestBody(opts, "security_group_rule") 147 } 148 149 // CreateRule will add a new rule to an existing security group (whose ID is 150 // specified in CreateRuleOpts). You have the option of controlling inbound 151 // traffic from either an IP range (CIDR) or from another security group. 152 func CreateRule(client *gophercloud.ServiceClient, opts CreateRuleOptsBuilder) (r CreateRuleResult) { 153 b, err := opts.ToRuleCreateMap() 154 if err != nil { 155 r.Err = err 156 return 157 } 158 resp, err := client.Post(rootRuleURL(client), b, &r.Body, &gophercloud.RequestOpts{ 159 OkCodes: []int{200}, 160 }) 161 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 162 return 163 } 164 165 // DeleteRule will permanently delete a rule from a security group. 166 func DeleteRule(client *gophercloud.ServiceClient, id string) (r DeleteRuleResult) { 167 resp, err := client.Delete(resourceRuleURL(client, id), nil) 168 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 169 return 170 } 171 172 func actionMap(prefix, groupName string) map[string]map[string]string { 173 return map[string]map[string]string{ 174 prefix + "SecurityGroup": {"name": groupName}, 175 } 176 } 177 178 // AddServer will associate a server and a security group, enforcing the 179 // rules of the group on the server. 180 func AddServer(client *gophercloud.ServiceClient, serverID, groupName string) (r AddServerResult) { 181 resp, err := client.Post(serverActionURL(client, serverID), actionMap("add", groupName), nil, nil) 182 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 183 return 184 } 185 186 // RemoveServer will disassociate a server from a security group. 187 func RemoveServer(client *gophercloud.ServiceClient, serverID, groupName string) (r RemoveServerResult) { 188 resp, err := client.Post(serverActionURL(client, serverID), actionMap("remove", groupName), nil, nil) 189 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 190 return 191 }