github.com/huaweicloud/golangsdk@v0.0.0-20210831081626-d823fe11ceba/openstack/compute/v2/extensions/secgroups/requests.go (about) 1 package secgroups 2 3 import ( 4 "github.com/huaweicloud/golangsdk" 5 "github.com/huaweicloud/golangsdk/pagination" 6 ) 7 8 func commonList(client *golangsdk.ServiceClient, url string) pagination.Pager { 9 return pagination.NewPager(client, url, func(r pagination.PageResult) pagination.Page { 10 return SecurityGroupPage{pagination.SinglePageBase(r)} 11 }) 12 } 13 14 // List will return a collection of all the security groups for a particular 15 // tenant. 16 func List(client *golangsdk.ServiceClient) pagination.Pager { 17 return commonList(client, rootURL(client)) 18 } 19 20 // ListByServer will return a collection of all the security groups which are 21 // associated with a particular server. 22 func ListByServer(client *golangsdk.ServiceClient, serverID string) pagination.Pager { 23 return commonList(client, listByServerURL(client, serverID)) 24 } 25 26 // GroupOpts is the underlying struct responsible for creating or updating 27 // security groups. It therefore represents the mutable attributes of a 28 // security group. 29 type GroupOpts struct { 30 // the name of your security group. 31 Name string `json:"name" required:"true"` 32 // the description of your security group. 33 Description string `json:"description" required:"true"` 34 } 35 36 // CreateOpts is the struct responsible for creating a security group. 37 type CreateOpts GroupOpts 38 39 // CreateOptsBuilder allows extensions to add additional parameters to the 40 // Create request. 41 type CreateOptsBuilder interface { 42 ToSecGroupCreateMap() (map[string]interface{}, error) 43 } 44 45 // ToSecGroupCreateMap builds a request body from CreateOpts. 46 func (opts CreateOpts) ToSecGroupCreateMap() (map[string]interface{}, error) { 47 return golangsdk.BuildRequestBody(opts, "security_group") 48 } 49 50 // Create will create a new security group. 51 func Create(client *golangsdk.ServiceClient, opts CreateOptsBuilder) (r CreateResult) { 52 b, err := opts.ToSecGroupCreateMap() 53 if err != nil { 54 r.Err = err 55 return 56 } 57 _, r.Err = client.Post(rootURL(client), b, &r.Body, &golangsdk.RequestOpts{ 58 OkCodes: []int{200}, 59 }) 60 return 61 } 62 63 // UpdateOpts is the struct responsible for updating an existing security group. 64 type UpdateOpts GroupOpts 65 66 // UpdateOptsBuilder allows extensions to add additional parameters to the 67 // Update request. 68 type UpdateOptsBuilder interface { 69 ToSecGroupUpdateMap() (map[string]interface{}, error) 70 } 71 72 // ToSecGroupUpdateMap builds a request body from UpdateOpts. 73 func (opts UpdateOpts) ToSecGroupUpdateMap() (map[string]interface{}, error) { 74 return golangsdk.BuildRequestBody(opts, "security_group") 75 } 76 77 // Update will modify the mutable properties of a security group, notably its 78 // name and description. 79 func Update(client *golangsdk.ServiceClient, id string, opts UpdateOptsBuilder) (r UpdateResult) { 80 b, err := opts.ToSecGroupUpdateMap() 81 if err != nil { 82 r.Err = err 83 return 84 } 85 _, r.Err = client.Put(resourceURL(client, id), b, &r.Body, &golangsdk.RequestOpts{ 86 OkCodes: []int{200}, 87 }) 88 return 89 } 90 91 // Get will return details for a particular security group. 92 func Get(client *golangsdk.ServiceClient, id string) (r GetResult) { 93 _, r.Err = client.Get(resourceURL(client, id), &r.Body, nil) 94 return 95 } 96 97 // Delete will permanently delete a security group from the project. 98 func Delete(client *golangsdk.ServiceClient, id string) (r DeleteResult) { 99 _, r.Err = client.Delete(resourceURL(client, id), nil) 100 return 101 } 102 103 // CreateRuleOpts represents the configuration for adding a new rule to an 104 // existing security group. 105 type CreateRuleOpts struct { 106 // ID is the ID of the group that this rule will be added to. 107 ParentGroupID string `json:"parent_group_id" required:"true"` 108 109 // FromPort is the lower bound of the port range that will be opened. 110 // Use -1 to allow all ICMP traffic. 111 FromPort int `json:"from_port"` 112 113 // ToPort is the upper bound of the port range that will be opened. 114 // Use -1 to allow all ICMP traffic. 115 ToPort int `json:"to_port"` 116 117 // IPProtocol the protocol type that will be allowed, e.g. TCP. 118 IPProtocol string `json:"ip_protocol" required:"true"` 119 120 // CIDR is the network CIDR to allow traffic from. 121 // This is ONLY required if FromGroupID is blank. This represents the IP 122 // range that will be the source of network traffic to your security group. 123 // Use 0.0.0.0/0 to allow all IP addresses. 124 CIDR string `json:"cidr,omitempty" or:"FromGroupID"` 125 126 // FromGroupID represents another security group to allow access. 127 // This is ONLY required if CIDR is blank. This value represents the ID of a 128 // group that forwards traffic to the parent group. So, instead of accepting 129 // network traffic from an entire IP range, you can instead refine the 130 // inbound source by an existing security group. 131 FromGroupID string `json:"group_id,omitempty" or:"CIDR"` 132 } 133 134 // CreateRuleOptsBuilder allows extensions to add additional parameters to the 135 // CreateRule request. 136 type CreateRuleOptsBuilder interface { 137 ToRuleCreateMap() (map[string]interface{}, error) 138 } 139 140 // ToRuleCreateMap builds a request body from CreateRuleOpts. 141 func (opts CreateRuleOpts) ToRuleCreateMap() (map[string]interface{}, error) { 142 return golangsdk.BuildRequestBody(opts, "security_group_rule") 143 } 144 145 // CreateRule will add a new rule to an existing security group (whose ID is 146 // specified in CreateRuleOpts). You have the option of controlling inbound 147 // traffic from either an IP range (CIDR) or from another security group. 148 func CreateRule(client *golangsdk.ServiceClient, opts CreateRuleOptsBuilder) (r CreateRuleResult) { 149 b, err := opts.ToRuleCreateMap() 150 if err != nil { 151 r.Err = err 152 return 153 } 154 _, r.Err = client.Post(rootRuleURL(client), b, &r.Body, &golangsdk.RequestOpts{ 155 OkCodes: []int{200}, 156 }) 157 return 158 } 159 160 // DeleteRule will permanently delete a rule from a security group. 161 func DeleteRule(client *golangsdk.ServiceClient, id string) (r DeleteRuleResult) { 162 _, r.Err = client.Delete(resourceRuleURL(client, id), nil) 163 return 164 } 165 166 func actionMap(prefix, groupName string) map[string]map[string]string { 167 return map[string]map[string]string{ 168 prefix + "SecurityGroup": {"name": groupName}, 169 } 170 } 171 172 // AddServer will associate a server and a security group, enforcing the 173 // rules of the group on the server. 174 func AddServer(client *golangsdk.ServiceClient, serverID, groupName string) (r AddServerResult) { 175 _, r.Err = client.Post(serverActionURL(client, serverID), actionMap("add", groupName), nil, nil) 176 return 177 } 178 179 // RemoveServer will disassociate a server from a security group. 180 func RemoveServer(client *golangsdk.ServiceClient, serverID, groupName string) (r RemoveServerResult) { 181 _, r.Err = client.Post(serverActionURL(client, serverID), actionMap("remove", groupName), nil, nil) 182 return 183 }