private String createSecurityGroupInRegion()

in providers/aws-ec2/src/main/java/org/jclouds/aws/ec2/compute/loaders/AWSEC2CreateSecurityGroupIfNeeded.java [77:142]

• 59 lines of code
• 9 McCabe index (conditional complexity)

   private String createSecurityGroupInRegion(String region, final String name, String vpcId, int... ports) {
      checkNotNull(region, "region");
      checkNotNull(name, "name");
      logger.debug(">> creating securityGroup region(%s) name(%s)", region, name);

      try {
         CreateSecurityGroupOptions options = new CreateSecurityGroupOptions();
         if (vpcId != null) {
            options.vpcId(vpcId);
         }
         String id = securityApi.createSecurityGroupInRegionAndReturnId(region, name, name, options);
         boolean created = securityGroupEventualConsistencyDelay.apply(new RegionAndName(region, name));
         if (!created)
            throw new RuntimeException(String.format("security group %s/%s is not available after creating", region,
                  name));
         logger.debug("<< created securityGroup(%s)", name);

         ImmutableSet.Builder<IpPermission> permissions = ImmutableSet.builder();

         if (ports.length > 0) {
            for (Map.Entry<Integer, Integer> range : getPortRangesFromList(ports).entrySet()) {
               permissions.add(IpPermission.builder()
                               .fromPort(range.getKey())
                               .toPort(range.getValue())
                               .ipProtocol(IpProtocol.TCP)
                               .cidrBlock("0.0.0.0/0")
                               .build());
            }

            // Use filter (as per `SecurityGroupPresent`, in securityGroupEventualConsistencyDelay)
            Set<SecurityGroup> securityGroups = securityApi.describeSecurityGroupsInRegionById(region, id);
            if (securityGroups.isEmpty()) {
               throw new IllegalStateException(String.format("security group %s/%s not found after creating", region, name));
            } else if (securityGroups.size() > 1) {
               throw new IllegalStateException(String.format("multiple security groups matching %s/%s found after creating: %s", 
                     region, name, securityGroups));
            }
            SecurityGroup securityGroup = Iterables.getOnlyElement(securityGroups);
            String myOwnerId = securityGroup.getOwnerId();
            permissions.add(IpPermission.builder()
                            .fromPort(0)
                            .toPort(65535)
                            .ipProtocol(IpProtocol.TCP)
                            .tenantIdGroupNamePair(myOwnerId, id)
                            .build());
            permissions.add(IpPermission.builder()
                            .fromPort(0)
                            .toPort(65535)
                            .ipProtocol(IpProtocol.UDP)
                            .tenantIdGroupNamePair(myOwnerId, id)
                            .build());
         }

         Set<IpPermission> perms = permissions.build();

         if (!perms.isEmpty()) {
            logger.debug(">> authorizing securityGroup region(%s) name(%s) IpPermissions(%s)", region, name, perms);
            securityApi.authorizeSecurityGroupIngressInRegion(region, id, perms);
            logger.debug("<< authorized securityGroup(%s)", name);
         }
         return id;
      } catch (IllegalStateException e) {
         logger.debug("<< reused securityGroup(%s)", name);
         return groupNameToId.apply(new RegionAndName(region, name).slashEncode());
      }
   }