NOTE: The maximum number of NACL entries associated with a NACL is 20. You might reach this limitation if you receive attacks like DoS frequently. Please consider another way such as AWS WAF in that case.
Add this line to your application's Gemfile:
gem 'banacle'
And then execute:
$ bundle
Or install it yourself as:
$ gem install banacle
Banacle is supposed to be run as a Sinatra server. You can run it simply by rackup
command. Banacle has two endpoints for Slack as follows:
/slack/command
: handle Slash Command/slack/message
: handle Interactive Message
By default, the format of Slack Slash Command is: /[cmd] [create or delete] [region] [vpc_id or vpc_name] [cidr_blocks]
You can customize Banacle by using request handler modules. See example directory which implements a customized authentication feature for details.
Note: Use documentation block for testing. https://tools.ietf.org/html/rfc5737
Execute a command that create a DENY NACL ingress entry for 1.2.3.4 on a VPC named "test" in ap-northeast-1.
Then an approval request appears. Someone else can review the request and decide to approve or reject it. The requester can cancel the request. In this case, the request looks good so the reviewer clicks "Approve" button.
After approving the request, Banacle executes creating the NACL entry on the target VPC through the AWS API as follows.
After checking out the repo, run bin/setup
to install dependencies. Then, run rake spec
to run the tests. You can also run bin/console
for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install
. To release a new version, update the version number in version.rb
, and then run bundle exec rake release
, which will create a git tag for the version, push git commits and tags, and push the .gem
file to rubygems.org.
Bug reports and pull requests are welcome on GitHub at https://github.com/itkq/banacle.