Service/Amazon/Ec2/Securitygroups.php

Show: PublicProtectedPrivateinherited
Table of Contents
Zend Framework

LICENSE

This source file is subject to the new BSD license that is bundled with this package in the file LICENSE.txt. It is also available through the world-wide-web at this URL: http://framework.zend.com/license/new-bsd If you did not receive a copy of the license and are unable to obtain it through the world-wide-web, please send an email to license@zend.com so we can send you a copy immediately.

Category
Zend  
Copyright
Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)  
License
New BSD License  
Package
Zend_Service_Amazon  
Subpackage
Ec2  
Version
$Id: Securitygroups.php 24593 2012-01-05 20:35:02Z matthew $  

\Zend_Service_Amazon_Ec2_Securitygroups

Package: Zend\Service\Amazon\Ec2
An Amazon EC2 interface to create, delete, describe, grand and revoke sercurity permissions.
Parent(s)
\Zend_Service_Amazon_Ec2_Abstract < \Zend_Service_Amazon_Abstract < \Zend_Service_Abstract
Category
Zend  
Copyright
Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)  
License
New BSD License  

Properties

>VPropertyprotectedstring $_defaultAccessKey = null
Default valuenullDetails
Type
string
Inherited_from
\Zend_Service_Amazon_Abstract::$$_defaultAccessKey  
Inherited_from
\Zend_Service_Amazon_Ec2_Abstract::$$_defaultAccessKey  
>VPropertyprotectedstring $_defaultRegion = null
staticinherited

Amazon Region

Inherited from: \Zend_Service_Amazon_Ec2_Abstract::$$_defaultRegion
Default valuenullDetails
Type
string
Inherited_from
\Zend_Service_Amazon_Ec2_Abstract::$$_defaultRegion  
>VPropertyprotectedstring $_defaultSecretKey = null
Default valuenullDetails
Type
string
Inherited_from
\Zend_Service_Amazon_Abstract::$$_defaultSecretKey  
Inherited_from
\Zend_Service_Amazon_Ec2_Abstract::$$_defaultSecretKey  
>VPropertyprotected$_ec2ApiVersion = '2009-04-04'
inherited
The API version to use
Inherited from: \Zend_Service_Amazon_Ec2_Abstract::$$_ec2ApiVersion
Default value'2009-04-04'Details
Type
n/a
Inherited_from
\Zend_Service_Amazon_Ec2_Abstract::$$_ec2ApiVersion  
>VPropertyprotected$_ec2Endpoint = 'ec2.amazonaws.com'
inherited
The HTTP query server
Inherited from: \Zend_Service_Amazon_Ec2_Abstract::$$_ec2Endpoint
Default value'ec2.amazonaws.com'Details
Type
n/a
Inherited_from
\Zend_Service_Amazon_Ec2_Abstract::$$_ec2Endpoint  
>VPropertyprotected$_ec2SignatureMethod = 'HmacSHA256'
inherited
Signature Encoding Method
Inherited from: \Zend_Service_Amazon_Ec2_Abstract::$$_ec2SignatureMethod
Default value'HmacSHA256'Details
Type
n/a
Inherited_from
\Zend_Service_Amazon_Ec2_Abstract::$$_ec2SignatureMethod  
>VPropertyprotected$_ec2SignatureVersion = '2'
inherited
Signature Version
Inherited from: \Zend_Service_Amazon_Ec2_Abstract::$$_ec2SignatureVersion
Default value'2'Details
Type
n/a
Inherited_from
\Zend_Service_Amazon_Ec2_Abstract::$$_ec2SignatureVersion  
>VPropertyprotected\Zend_Http_Client $_httpClient = null
>VPropertyprotected$_httpTimeout = 10
inherited
Period after which HTTP request will timeout in seconds
Inherited from: \Zend_Service_Amazon_Ec2_Abstract::$$_httpTimeout
Default value10Details
Type
n/a
Inherited_from
\Zend_Service_Amazon_Ec2_Abstract::$$_httpTimeout  
>VPropertyprotectedstring $_region
inherited

Amazon Region

Inherited from: \Zend_Service_Amazon_Ec2_Abstract::$$_region
Details
Type
string
Inherited_from
\Zend_Service_Amazon_Ec2_Abstract::$$_region  
>VPropertyprotectedarray $_validEc2Regions = array('eu-west-1', 'us-east-1')
staticinherited
An array that contains all the valid Amazon Ec2 Regions.
Inherited from: \Zend_Service_Amazon_Ec2_Abstract::$$_validEc2Regions
Default valuearray('eu-west-1', 'us-east-1')Details
Type
array
Inherited_from
\Zend_Service_Amazon_Ec2_Abstract::$$_validEc2Regions  

Methods

methodpublic__construct( $accessKey = null,  $secretKey = null, string $region = null) : void
inherited

Create Amazon client.

Inherited from: \Zend_Service_Amazon_Ec2_Abstract::__construct()
Parameters
NameTypeDescription
$accessKey
$secretKey
$regionstring

Sets the AWS Region

methodprotected_getAccessKey() : string
Returns
TypeDescription
string
methodprotected_getRegion() : string
inherited

Method to fetch the AWS Region

Inherited from: \Zend_Service_Amazon_Ec2_Abstract::_getRegion()
Returns
TypeDescription
string
methodprotected_getSecretKey() : string
Returns
TypeDescription
string
methodprotectedaddRequiredParameters(array $parameters) : array
inherited

Adds required authentication and version parameters to an array of parameters

Inherited from: \Zend_Service_Amazon_Ec2_Abstract::addRequiredParameters()

The required parameters are: - AWSAccessKey - SignatureVersion - Timestamp - Version and - Signature

If a required parameter is already set in the $parameters array, it is overwritten.

Parameters
NameTypeDescription
$parametersarray

the array to which to add the required parameters.

Returns
TypeDescription
array
methodpublicauthorizeGroup(string $name, string $groupName, string $ownerId) : boolean

Adds permissions to a security group

When authorizing a user/group pair permission, GroupName, SourceSecurityGroupName and SourceSecurityGroupOwnerId must be specified.

Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.

Parameters
NameTypeDescription
$namestring

Name of the group to modify.

$groupNamestring

Name of security group to authorize access to when operating on a user/group pair.

$ownerIdstring

Owner of security group to authorize access to when operating on a user/group pair.

Returns
TypeDescription
boolean
methodpublicauthorizeIp(string $name, string $ipProtocol, integer $fromPort, integer $toPort, string $cidrIp) : boolean

Adds permissions to a security group

Permissions are specified by the IP protocol (TCP, UDP or ICMP), the source of the request (by IP range or an Amazon EC2 user-group pair), the source and destination port ranges (for TCP and UDP), and the ICMP codes and types (for ICMP). When authorizing ICMP, -1 can be used as a wildcard in the type and code fields.

Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.

Parameters
NameTypeDescription
$namestring

Name of the group to modify.

$ipProtocolstring

IP protocol to authorize access to when operating on a CIDR IP.

$fromPortinteger

Bottom of port range to authorize access to when operating on a CIDR IP. This contains the ICMP type if ICMP is being authorized.

$toPortinteger

Top of port range to authorize access to when operating on a CIDR IP. This contains the ICMP code if ICMP is being authorized.

$cidrIpstring

CIDR IP range to authorize access to when operating on a CIDR IP.

Returns
TypeDescription
boolean
methodprivatecheckForErrors(\Zend_Service_Amazon_Ec2_Response $response) : void
inherited

Checks for errors responses from Amazon

Inherited from: \Zend_Service_Amazon_Ec2_Abstract::checkForErrors()
Parameters
NameTypeDescription
$response\Zend_Service_Amazon_Ec2_Response

the response object to check.

Throws
ExceptionDescription
\Zend_Service_Amazon_Ec2_Exceptionif one or more errors are returned from Amazon.
methodpubliccreate(string $name, string $description) : boolean

Creates a new security group.

Every instance is launched in a security group. If no security group is specified during launch, the instances are launched in the default security group. Instances within the same security group have unrestricted network access to each other. Instances will reject network access attempts from other instances in a different security group. As the owner of instances you can grant or revoke specific permissions using the authorizeIp, authorizeGroup, revokeGroup and {$link revokeIp} operations.

Parameters
NameTypeDescription
$namestring

Name of the new security group.

$descriptionstring

Description of the new security group.

Returns
TypeDescription
boolean
methodpublicdelete(string $name) : boolean

Deletes a security group.

If you attempt to delete a security group that contains instances, a fault is returned. If you attempt to delete a security group that is referenced by another security group, a fault is returned. For example, if security group B has a rule that allows access from security group A, security group A cannot be deleted until the allow rule is removed.

Parameters
NameTypeDescription
$namestring

Name of the security group to delete.

Returns
TypeDescription
boolean
methodpublicdescribe(string | array $name = null) : array

Returns information about security groups that you own.

If you specify security group names, information about those security group is returned. Otherwise, information for all security group is returned. If you specify a group that does not exist, a fault is returned.

Parameters
NameTypeDescription
$namestring | array

List of security groups to describe

Returns
TypeDescription
array
methodpublicrevokeGroup(string $name, string $groupName, string $ownerId) : boolean

Revokes permissions from a security group.

The permissions used to revoke must be specified using the same values used to grant the permissions.

Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.

When revoking a user/group pair permission, GroupName, SourceSecurityGroupName and SourceSecurityGroupOwnerId must be specified.

Parameters
NameTypeDescription
$namestring

Name of the group to modify.

$groupNamestring

Name of security group to revoke access to when operating on a user/group pair.

$ownerIdstring

Owner of security group to revoke access to when operating on a user/group pair.

Returns
TypeDescription
boolean
methodpublicrevokeIp(string $name, string $ipProtocol, integer $fromPort, integer $toPort, string $cidrIp) : boolean

Revokes permissions from a security group.

The permissions used to revoke must be specified using the same values used to grant the permissions.

Permissions are specified by the IP protocol (TCP, UDP or ICMP), the source of the request (by IP range or an Amazon EC2 user-group pair), the source and destination port ranges (for TCP and UDP), and the ICMP codes and types (for ICMP). When authorizing ICMP, -1 can be used as a wildcard in the type and code fields.

Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.

Parameters
NameTypeDescription
$namestring

Name of the group to modify.

$ipProtocolstring

IP protocol to revoke access to when operating on a CIDR IP.

$fromPortinteger

Bottom of port range to revoke access to when operating on a CIDR IP. This contains the ICMP type if ICMP is being revoked.

$toPortinteger

Top of port range to revoked access to when operating on a CIDR IP. This contains the ICMP code if ICMP is being revoked.

$cidrIpstring

CIDR IP range to revoke access to when operating on a CIDR IP.

Returns
TypeDescription
boolean
methodprotectedsendRequest(array $params = array()) : \Zend_Service_Amazon_Ec2_Response
inherited

Sends a HTTP request to the queue service using Zend_Http_Client

Inherited from: \Zend_Service_Amazon_Ec2_Abstract::sendRequest()
Parameters
NameTypeDescription
$paramsarray

List of parameters to send with the request

Returns
TypeDescription
\Zend_Service_Amazon_Ec2_Response
Throws
ExceptionDescription
\Zend_Service_Amazon_Ec2_Exception
methodpublicsetHttpClient(\Zend_Http_Client $httpClient) : void
staticfinalinherited

Sets the HTTP client object to use for retrieving the feeds.

Inherited from: \Zend_Service_Abstract::setHttpClient()\Zend_Service_Amazon_Abstract::setHttpClient()\Zend_Service_Amazon_Ec2_Abstract::setHttpClient()

If none is set, the default Zend_Http_Client will be used.

Parameters
NameTypeDescription
$httpClient\Zend_Http_Client
methodpublicsetKeys( $accessKey,  $secretKey) : void
staticinherited

Set the keys to use when accessing SQS.

Inherited from: \Zend_Service_Amazon_Abstract::setKeys()\Zend_Service_Amazon_Ec2_Abstract::setKeys()
Parameters
NameTypeDescription
$accessKey
$secretKey
methodpublicsetRegion(string $region) : void
staticinherited

Set which region you are working in.

Inherited from: \Zend_Service_Amazon_Ec2_Abstract::setRegion()

It will append the end point automaticly

Parameters
NameTypeDescription
$regionstring
methodprotectedsignParameters( $paramaters) : string
inherited

Computes the RFC 2104-compliant HMAC signature for request parameters

Inherited from: \Zend_Service_Amazon_Ec2_Abstract::signParameters()

This implements the Amazon Web Services signature, as per the following specification:

  1. Sort all request parameters (including SignatureVersion and excluding Signature, the value of which is being created), ignoring case.

  2. Iterate over the sorted list and append the parameter name (in its original case) and then its value. Do not URL-encode the parameter values before constructing this string. Do not use any separator characters when appending strings.

Parameters
NameTypeDescription
$paramaters
Returns
TypeDescription
stringthe signed data.
Documentation was generated by phpDocumentor 2.0.0a12.