
setup sgs and relationships

Chris Mague 7 éve
szülő
commit
bcc17a5bb2
4 módosított fájl, 87 hozzáadás és 1 törlés
  1. 25 0
      lib/neoinfra/aws.rb
  2. 13 0
      lib/neoinfra/nodes.rb
  3. 41 0
      models/nodes.rb
  4. 8 1
      tasks/load_data.rake

+ 25 - 0
lib/neoinfra/aws.rb

@@ -90,6 +90,31 @@ module NeoInfra
       end
     end
 
+    def load_security_groups
+      @cfg.accounts.each do |account|
+        base_conf = {
+          provider: 'AWS',
+          aws_access_key_id: account[:key],
+          aws_secret_access_key: account[:secret]
+        }
+        self.regions.each do |region|
+          region_conf = { region: region }
+          conn = Fog::Compute.new(region_conf.merge(base_conf))
+          conn.security_groups.all.each do |grp|
+            next unless SecurityGroup.where(sg_id: grp.group_id).empty?
+            g = SecurityGroup.new(
+              sg_id: grp.group_id,
+              name: grp.name,
+              description: grp.description,
+            )
+            g.save
+            SecurityGroupOwner.create(from_node: g, to_node:  AwsAccount.where(account_id: grp.owner_id).first)
+            SecurityGroupVpc.create(from_node: g, to_node:  Vpc.where(vpc_id: grp.vpc_id).first)
+          end
+        end
+      end
+    end
+
     def load_rds
       @cfg.accounts.each do |account|
         base_conf = {
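Review bot: The two relationship creates at the end of the inner loop in `load_security_groups` pass the result of `.first` straight in as `to_node`, so a group whose `vpc_id` or `owner_id` has no matching node hands `nil` to `SecurityGroupVpc.create` or `SecurityGroupOwner.create`. That seems likely for any group without a VPC, or when VPCs and accounts were not loaded first. Depending on how ActiveRel treats a nil endpoint, this either raises and aborts the remaining regions and accounts, or leaves the group unlinked with no trace. Resolve the node first and guard it, e.g. `vpc = Vpc.where(vpc_id: grp.vpc_id).first` then `SecurityGroupVpc.create(from_node: g, to_node: vpc) if vpc`, and log the group id on a miss. Separately, the `next unless ... empty?` guard never refreshes the name or description of a group already in the graph, and the result of `g.save` is unchecked, so the inventory can go stale silently.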

+ 13 - 0
lib/neoinfra/nodes.rb

@@ -58,6 +58,19 @@ module NeoInfra
             NodeSubnet.create(from_node: n, to_node: Subnet.where(subnet_id: ec2.subnet_id).first)
             NodeAz.create(from_node: n, to_node: Az.where(az: ec2.availability_zone).first)
             NodeSshKey.create(from_node: n, to_node: SshKey.where(name: ec2.key_name).first)
+            ec2.network_interfaces.select{|x| x.length > 0 }.each do |i|
+              if i.has_key? 'groupIds'
+                i['groupIds'].each do |g|
+                  begin
+                    NodeSecurityGroup.create(from_node: n, to_node: SecurityGroup.where(sg_id: g).first)
+                  rescue
+                    puts "Security Groups: #{account[:name]}/#{region} couldn't get the following to work:"
+                    p ec2
+                    p g
+                  end
+                end
+              end
+            end
           end
         end
       end
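Review bot: The bare `rescue` around `NodeSecurityGroup.create` catches every StandardError and responds with `p ec2`, which prints the whole instance object to stdout. Whatever attributes that object carries end up in the rake output or job logs, and the node is left without its security-group edge. The most probable failure is the lookup returning nil for a group that was never loaded, and that needs no exception handling: `sg = SecurityGroup.where(sg_id: g).first`, then `next warn("no SecurityGroup node for #{g}") unless sg`, then create the relationship with `to_node: sg`. If a rescue stays, name the exception class and log only the group id and an instance identifier. As a style point, `select{|x| x.length > 0 }` reads better as `reject(&:empty?)` and `has_key?` as `key?`. The enclosing method starts above this hunk, so `account` and `region` are assumed to be in scope from there.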

+ 41 - 0
models/nodes.rb

@@ -16,6 +16,47 @@ class Node
   has_one :out, :az, rel_class: :NodeAz
   has_one :out, :sshkey, rel_class: :NodeSshKey
   has_one :out, :account, rel_class: :NodeAccount
+  has_many :out, :node_sg, rel_class: :NodeSecurityGroup
+end
+
+class SecurityGroup
+  include Neo4j::ActiveNode
+  property :sg_id, constraint: :unique
+  property :name
+  property :description
+  has_one  :out, :sg_owner, rel_class: :SecurityGroupOwner
+  has_one  :out, :sg_vpc, rel_class: :SecurityGroupVpc
+#  has_many :out, :ip_rules, rel_class: :SecurityGroupsIpRules
+#  has_many :out, :sg_rules, rel_class: :SecurityGroupsSgRules
+end
+
+class NodeSecurityGroup
+  include Neo4j::ActiveRel
+  from_class :Node
+  to_class   :SecurityGroup
+  type       :node_sg
+end
+
+class SecurityGroupOwner
+  include Neo4j::ActiveRel
+  from_class :SecurityGroup
+  to_class   :AwsAccount
+  type       :sg_owner
+end
+
+class SecurityGroupVpc
+  include Neo4j::ActiveRel
+  from_class :SecurityGroup
+  to_class   :Vpc
+  type       :sg_vpc
+end
+
+class IpRules
+  include Neo4j::ActiveNode
+  property :cidr_block
+  property :direction
+  property :proto
+  property :start_port
 end
 
 # SSH key class
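Review bot: `IpRules` declares `start_port` but no matching end of the range, so a rule that opens a span of ports cannot be represented once rules are loaded; adding `property :end_port` next to `start_port` would cover it. The class also has no relationship to `SecurityGroup`, and the only references to one are the two commented-out `has_many` lines naming `SecurityGroupsIpRules` and `SecurityGroupsSgRules`, which this commit does not define. As committed, the graph records which groups exist and what they attach to, but not what they permit. Either drop the commented lines and `IpRules` until the rule loader exists, or add a comment such as `# TODO: ingress/egress rules are not loaded yet` so nobody reads the graph as a complete picture of exposure. A one-line comment above each new class saying which AWS object or edge it models would match the `# SSH key class` comment that follows.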

+ 8 - 1
tasks/load_data.rake

@@ -43,6 +43,13 @@ namespace :load_data do
     j.load_rds
   end
 
+  desc 'Load Security Groups'
+  task :security_groups do
+    puts 'loading Security Groups'
+    j = NeoInfra::Aws.new
+    j.load_security_groups
+  end
+
   desc 'Load Everything'
-  task all: %i[accounts regions vpcs buckets nodes rds]
+  task all: %i[accounts regions vpcs buckets security_groups nodes rds]
 end