Service/Amazon/Ec2/Securitygroups.php
inherited
Classes
Zend Framework
LICENSE
This source file is subject to the new BSD license that is bundled with this package in the file LICENSE.txt. It is also available through the world-wide-web at this URL: http://framework.zend.com/license/new-bsd If you did not receive a copy of the license and are unable to obtain it through the world-wide-web, please send an email to [email protected] so we can send you a copy immediately.
- Category
- Zend
- Copyright
- Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
- License
- New BSD License
- Package
- Zend_Service_Amazon
- Subpackage
- Ec2
- Version
- $Id: Securitygroups.php 24593 2012-01-05 20:35:02Z matthew $
\Zend_Service_Amazon_Ec2_Securitygroups
An Amazon EC2 interface to create, delete, describe, grand and revoke sercurity permissions.
- Parent(s)
- \Zend_Service_Amazon_Ec2_Abstract < \Zend_Service_Amazon_Abstract < \Zend_Service_Abstract
- Category
- Zend
- Copyright
- Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
- License
- New BSD License
Properties
string $_accessKey = - Type
- string
- Inherited_from
- \Zend_Service_Amazon_Abstract::$$_accessKey
- Inherited_from
- \Zend_Service_Amazon_Ec2_Abstract::$$_accessKey
string $_defaultAccessKey = nullnullDetails- Type
- string
- Inherited_from
- \Zend_Service_Amazon_Abstract::$$_defaultAccessKey
- Inherited_from
- \Zend_Service_Amazon_Ec2_Abstract::$$_defaultAccessKey
string $_defaultRegion = nullnullDetails- Type
- string
- Inherited_from
- \Zend_Service_Amazon_Ec2_Abstract::$$_defaultRegion
string $_defaultSecretKey = nullnullDetails- Type
- string
- Inherited_from
- \Zend_Service_Amazon_Abstract::$$_defaultSecretKey
- Inherited_from
- \Zend_Service_Amazon_Ec2_Abstract::$$_defaultSecretKey
$_ec2ApiVersion = '2009-04-04'
'2009-04-04'Details- Type
- n/a
- Inherited_from
- \Zend_Service_Amazon_Ec2_Abstract::$$_ec2ApiVersion
$_ec2Endpoint = 'ec2.amazonaws.com'
'ec2.amazonaws.com'Details- Type
- n/a
- Inherited_from
- \Zend_Service_Amazon_Ec2_Abstract::$$_ec2Endpoint
$_ec2SignatureMethod = 'HmacSHA256'Signature Encoding Method
Inherited from: \Zend_Service_Amazon_Ec2_Abstract::$$_ec2SignatureMethod'HmacSHA256'Details- Type
- n/a
- Inherited_from
- \Zend_Service_Amazon_Ec2_Abstract::$$_ec2SignatureMethod
$_ec2SignatureVersion = '2'Signature Version
Inherited from: \Zend_Service_Amazon_Ec2_Abstract::$$_ec2SignatureVersion'2'Details- Type
- n/a
- Inherited_from
- \Zend_Service_Amazon_Ec2_Abstract::$$_ec2SignatureVersion
\Zend_Http_Client $_httpClient = nullHTTP Client used to query all web services
Inherited from: \Zend_Service_Abstract::$$_httpClient\Zend_Service_Amazon_Abstract::$$_httpClient\Zend_Service_Amazon_Ec2_Abstract::$$_httpClientnullDetails- Type
- \Zend_Http_Client
- Inherited_from
- \Zend_Service_Abstract::$$_httpClient
- Inherited_from
- \Zend_Service_Amazon_Abstract::$$_httpClient
- Inherited_from
- \Zend_Service_Amazon_Ec2_Abstract::$$_httpClient
$_httpTimeout = 10Period after which HTTP request will timeout in seconds
Inherited from: \Zend_Service_Amazon_Ec2_Abstract::$$_httpTimeout10Details- Type
- n/a
- Inherited_from
- \Zend_Service_Amazon_Ec2_Abstract::$$_httpTimeout
string $_region = - Type
- string
- Inherited_from
- \Zend_Service_Amazon_Ec2_Abstract::$$_region
string $_secretKey = - Type
- string
- Inherited_from
- \Zend_Service_Amazon_Abstract::$$_secretKey
- Inherited_from
- \Zend_Service_Amazon_Ec2_Abstract::$$_secretKey
array $_validEc2Regions = array('eu-west-1', 'us-east-1')An array that contains all the valid Amazon Ec2 Regions.
Inherited from: \Zend_Service_Amazon_Ec2_Abstract::$$_validEc2Regionsarray('eu-west-1', 'us-east-1')Details- Type
- array
- Inherited_from
- \Zend_Service_Amazon_Ec2_Abstract::$$_validEc2Regions
Methods
__construct( $accessKey = null, $secretKey = null, string $region = null) : void| Name | Type | Description |
|---|---|---|
| $accessKey | ||
| $secretKey | ||
| $region | string | Sets the AWS Region |
_getAccessKey() : stringMethod to fetch the Access Key
Inherited from: \Zend_Service_Amazon_Abstract::_getAccessKey()\Zend_Service_Amazon_Ec2_Abstract::_getAccessKey()| Type | Description |
|---|---|
| string |
_getRegion() : stringMethod to fetch the AWS Region
Inherited from: \Zend_Service_Amazon_Ec2_Abstract::_getRegion()| Type | Description |
|---|---|
| string |
_getSecretKey() : stringMethod to fetch the Secret AWS Key
Inherited from: \Zend_Service_Amazon_Abstract::_getSecretKey()\Zend_Service_Amazon_Ec2_Abstract::_getSecretKey()| Type | Description |
|---|---|
| string |
addRequiredParameters(array $parameters) : arrayAdds required authentication and version parameters to an array of parameters
Inherited from: \Zend_Service_Amazon_Ec2_Abstract::addRequiredParameters()The required parameters are: - AWSAccessKey - SignatureVersion - Timestamp - Version and - Signature
If a required parameter is already set in the $parameters array, it is overwritten.
| Name | Type | Description |
|---|---|---|
| $parameters | array | the array to which to add the required parameters. |
| Type | Description |
|---|---|
| array |
authorizeGroup(string $name, string $groupName, string $ownerId) : booleanAdds permissions to a security group
When authorizing a user/group pair permission, GroupName, SourceSecurityGroupName and SourceSecurityGroupOwnerId must be specified.
Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.
| Name | Type | Description |
|---|---|---|
| $name | string | Name of the group to modify. |
| $groupName | string | Name of security group to authorize access to when operating on a user/group pair. |
| $ownerId | string | Owner of security group to authorize access to when operating on a user/group pair. |
| Type | Description |
|---|---|
| boolean |
authorizeIp(string $name, string $ipProtocol, integer $fromPort, integer $toPort, string $cidrIp) : booleanAdds permissions to a security group
Permissions are specified by the IP protocol (TCP, UDP or ICMP), the source of the request (by IP range or an Amazon EC2 user-group pair), the source and destination port ranges (for TCP and UDP), and the ICMP codes and types (for ICMP). When authorizing ICMP, -1 can be used as a wildcard in the type and code fields.
Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.
| Name | Type | Description |
|---|---|---|
| $name | string | Name of the group to modify. |
| $ipProtocol | string | IP protocol to authorize access to when operating on a CIDR IP. |
| $fromPort | integer | Bottom of port range to authorize access to when operating on a CIDR IP. This contains the ICMP type if ICMP is being authorized. |
| $toPort | integer | Top of port range to authorize access to when operating on a CIDR IP. This contains the ICMP code if ICMP is being authorized. |
| $cidrIp | string | CIDR IP range to authorize access to when operating on a CIDR IP. |
| Type | Description |
|---|---|
| boolean |
checkForErrors(\Zend_Service_Amazon_Ec2_Response $response) : voidChecks for errors responses from Amazon
Inherited from: \Zend_Service_Amazon_Ec2_Abstract::checkForErrors()| Name | Type | Description |
|---|---|---|
| $response | \Zend_Service_Amazon_Ec2_Response | the response object to check. |
| Exception | Description |
|---|---|
| \Zend_Service_Amazon_Ec2_Exception | if one or more errors are returned from Amazon. |
create(string $name, string $description) : booleanCreates a new security group.
Every instance is launched in a security group. If no security group is specified during launch, the instances are launched in the default security group. Instances within the same security group have unrestricted network access to each other. Instances will reject network access attempts from other instances in a different security group. As the owner of instances you can grant or revoke specific permissions using the authorizeIp, authorizeGroup, revokeGroup and {$link revokeIp} operations.
| Name | Type | Description |
|---|---|---|
| $name | string | Name of the new security group. |
| $description | string | Description of the new security group. |
| Type | Description |
|---|---|
| boolean |
delete(string $name) : booleanDeletes a security group.
If you attempt to delete a security group that contains instances, a fault is returned. If you attempt to delete a security group that is referenced by another security group, a fault is returned. For example, if security group B has a rule that allows access from security group A, security group A cannot be deleted until the allow rule is removed.
| Name | Type | Description |
|---|---|---|
| $name | string | Name of the security group to delete. |
| Type | Description |
|---|---|
| boolean |
describe(string | array $name = null) : arrayReturns information about security groups that you own.
If you specify security group names, information about those security group is returned. Otherwise, information for all security group is returned. If you specify a group that does not exist, a fault is returned.
| Name | Type | Description |
|---|---|---|
| $name | string | array | List of security groups to describe |
| Type | Description |
|---|---|
| array |
getHttpClient() : \Zend_Http_ClientGets the HTTP client object.
Inherited from: \Zend_Service_Abstract::getHttpClient()\Zend_Service_Amazon_Abstract::getHttpClient()\Zend_Service_Amazon_Ec2_Abstract::getHttpClient()| Type | Description |
|---|---|
| \Zend_Http_Client |
revokeGroup(string $name, string $groupName, string $ownerId) : booleanRevokes permissions from a security group.
The permissions used to revoke must be specified using the same values used to grant the permissions.
Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.
When revoking a user/group pair permission, GroupName, SourceSecurityGroupName and SourceSecurityGroupOwnerId must be specified.
| Name | Type | Description |
|---|---|---|
| $name | string | Name of the group to modify. |
| $groupName | string | Name of security group to revoke access to when operating on a user/group pair. |
| $ownerId | string | Owner of security group to revoke access to when operating on a user/group pair. |
| Type | Description |
|---|---|
| boolean |
revokeIp(string $name, string $ipProtocol, integer $fromPort, integer $toPort, string $cidrIp) : booleanRevokes permissions from a security group.
The permissions used to revoke must be specified using the same values used to grant the permissions.
Permissions are specified by the IP protocol (TCP, UDP or ICMP), the source of the request (by IP range or an Amazon EC2 user-group pair), the source and destination port ranges (for TCP and UDP), and the ICMP codes and types (for ICMP). When authorizing ICMP, -1 can be used as a wildcard in the type and code fields.
Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.
| Name | Type | Description |
|---|---|---|
| $name | string | Name of the group to modify. |
| $ipProtocol | string | IP protocol to revoke access to when operating on a CIDR IP. |
| $fromPort | integer | Bottom of port range to revoke access to when operating on a CIDR IP. This contains the ICMP type if ICMP is being revoked. |
| $toPort | integer | Top of port range to revoked access to when operating on a CIDR IP. This contains the ICMP code if ICMP is being revoked. |
| $cidrIp | string | CIDR IP range to revoke access to when operating on a CIDR IP. |
| Type | Description |
|---|---|
| boolean |
sendRequest(array $params = array()) : \Zend_Service_Amazon_Ec2_ResponseSends a HTTP request to the queue service using Zend_Http_Client
Inherited from: \Zend_Service_Amazon_Ec2_Abstract::sendRequest()| Name | Type | Description |
|---|---|---|
| $params | array | List of parameters to send with the request |
| Type | Description |
|---|---|
| \Zend_Service_Amazon_Ec2_Response |
| Exception | Description |
|---|---|
| \Zend_Service_Amazon_Ec2_Exception |
setHttpClient(\Zend_Http_Client $httpClient) : voidSets the HTTP client object to use for retrieving the feeds.
Inherited from: \Zend_Service_Abstract::setHttpClient()\Zend_Service_Amazon_Abstract::setHttpClient()\Zend_Service_Amazon_Ec2_Abstract::setHttpClient()If none is set, the default Zend_Http_Client will be used.
| Name | Type | Description |
|---|---|---|
| $httpClient | \Zend_Http_Client |
setKeys( $accessKey, $secretKey) : voidSet the keys to use when accessing SQS.
Inherited from: \Zend_Service_Amazon_Abstract::setKeys()\Zend_Service_Amazon_Ec2_Abstract::setKeys()| Name | Type | Description |
|---|---|---|
| $accessKey | ||
| $secretKey |
setRegion(string $region) : voidSet which region you are working in.
Inherited from: \Zend_Service_Amazon_Ec2_Abstract::setRegion()It will append the end point automaticly
| Name | Type | Description |
|---|---|---|
| $region | string |
signParameters( $paramaters) : stringComputes the RFC 2104-compliant HMAC signature for request parameters
Inherited from: \Zend_Service_Amazon_Ec2_Abstract::signParameters()This implements the Amazon Web Services signature, as per the following specification:
Sort all request parameters (including SignatureVersion and excluding Signature, the value of which is being created), ignoring case.
Iterate over the sorted list and append the parameter name (in its original case) and then its value. Do not URL-encode the parameter values before constructing this string. Do not use any separator characters when appending strings.
| Name | Type | Description |
|---|---|---|
| $paramaters |
| Type | Description |
|---|---|
| string | the signed data. |