|
|
|
@ -307,11 +307,11 @@ def make_rule_key(prefix, rule, group_id, cidr_ip):
|
|
|
|
|
|
|
|
|
|
|
|
def add_rules_to_lookup(ipPermissions, group_id, prefix, dict):
|
|
|
|
def add_rules_to_lookup(ipPermissions, group_id, prefix, dict):
|
|
|
|
for rule in ipPermissions:
|
|
|
|
for rule in ipPermissions:
|
|
|
|
for groupGrant in rule.get('UserIdGroupPairs'):
|
|
|
|
for groupGrant in rule.get('UserIdGroupPairs', []):
|
|
|
|
dict[make_rule_key(prefix, rule, group_id, groupGrant.get('GroupId'))] = (rule, groupGrant)
|
|
|
|
dict[make_rule_key(prefix, rule, group_id, groupGrant.get('GroupId'))] = (rule, groupGrant)
|
|
|
|
for ipv4Grants in rule.get('IpRanges'):
|
|
|
|
for ipv4Grants in rule.get('IpRanges', []):
|
|
|
|
dict[make_rule_key(prefix, rule, group_id, ipv4Grants.get('CidrIp'))] = (rule, ipv4Grants)
|
|
|
|
dict[make_rule_key(prefix, rule, group_id, ipv4Grants.get('CidrIp'))] = (rule, ipv4Grants)
|
|
|
|
for ipv6Grants in rule.get('Ipv6Ranges'):
|
|
|
|
for ipv6Grants in rule.get('Ipv6Ranges', []):
|
|
|
|
dict[make_rule_key(prefix, rule, group_id, ipv6Grants.get('CidrIpv6'))] = (rule, ipv6Grants)
|
|
|
|
dict[make_rule_key(prefix, rule, group_id, ipv6Grants.get('CidrIpv6'))] = (rule, ipv6Grants)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -759,7 +759,7 @@ def main():
|
|
|
|
ips = ip_permission
|
|
|
|
ips = ip_permission
|
|
|
|
if vpc_id:
|
|
|
|
if vpc_id:
|
|
|
|
[useridpair.update({'VpcId': vpc_id}) for useridpair in
|
|
|
|
[useridpair.update({'VpcId': vpc_id}) for useridpair in
|
|
|
|
ip_permission.get('UserIdGroupPairs')]
|
|
|
|
ip_permission.get('UserIdGroupPairs', [])]
|
|
|
|
try:
|
|
|
|
try:
|
|
|
|
client.authorize_security_group_ingress(GroupId=group['GroupId'], IpPermissions=[ips])
|
|
|
|
client.authorize_security_group_ingress(GroupId=group['GroupId'], IpPermissions=[ips])
|
|
|
|
except botocore.exceptions.ClientError as e:
|
|
|
|
except botocore.exceptions.ClientError as e:
|
|
|
|
@ -824,7 +824,7 @@ def main():
|
|
|
|
ips = ip_permission
|
|
|
|
ips = ip_permission
|
|
|
|
if vpc_id:
|
|
|
|
if vpc_id:
|
|
|
|
[useridpair.update({'VpcId': vpc_id}) for useridpair in
|
|
|
|
[useridpair.update({'VpcId': vpc_id}) for useridpair in
|
|
|
|
ip_permission.get('UserIdGroupPairs')]
|
|
|
|
ip_permission.get('UserIdGroupPairs', [])]
|
|
|
|
try:
|
|
|
|
try:
|
|
|
|
client.authorize_security_group_egress(GroupId=group['GroupId'], IpPermissions=[ips])
|
|
|
|
client.authorize_security_group_egress(GroupId=group['GroupId'], IpPermissions=[ips])
|
|
|
|
except botocore.exceptions.ClientError as e:
|
|
|
|
except botocore.exceptions.ClientError as e:
|
|
|
|
|
arnonki
7 years ago
committed by