|
|
@ -114,11 +114,21 @@ except ImportError:
|
|
|
|
sys.exit(1)
|
|
|
|
sys.exit(1)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def make_rule_key(prefix, rule, group_id, cidr_ip):
|
|
|
|
|
|
|
|
"""Creates a unique key for an individual group rule"""
|
|
|
|
|
|
|
|
if isinstance(rule, dict):
|
|
|
|
|
|
|
|
proto, from_port, to_port = [rule.get(x, None) for x in ('proto', 'from_port', 'to_port')]
|
|
|
|
|
|
|
|
else: # isinstance boto.ec2.securitygroup.IPPermissions
|
|
|
|
|
|
|
|
proto, from_port, to_port = [getattr(rule, x, None) for x in ('ip_protocol', 'from_port', 'to_port')]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
key = "%s-%s-%s-%s-%s-%s" % (prefix, proto, from_port, to_port, group_id, cidr_ip)
|
|
|
|
|
|
|
|
return key.lower().replace('-none', '-None')
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def addRulesToLookup(rules, prefix, dict):
|
|
|
|
def addRulesToLookup(rules, prefix, dict):
|
|
|
|
for rule in rules:
|
|
|
|
for rule in rules:
|
|
|
|
for grant in rule.grants:
|
|
|
|
for grant in rule.grants:
|
|
|
|
dict["%s-%s-%s-%s-%s-%s" % (prefix, rule.ip_protocol, rule.from_port, rule.to_port,
|
|
|
|
dict[make_rule_key(prefix, rule, grant.group_id, grant.cidr_ip)] = rule
|
|
|
|
grant.group_id, grant.cidr_ip)] = rule
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def get_target_from_rule(module, ec2, rule, name, group, groups, vpc_id):
|
|
|
|
def get_target_from_rule(module, ec2, rule, name, group, groups, vpc_id):
|
|
|
@ -279,7 +289,7 @@ def main():
|
|
|
|
rule['to_port'] = None
|
|
|
|
rule['to_port'] = None
|
|
|
|
|
|
|
|
|
|
|
|
# If rule already exists, don't later delete it
|
|
|
|
# If rule already exists, don't later delete it
|
|
|
|
ruleId = "%s-%s-%s-%s-%s-%s" % ('in', rule['proto'], rule['from_port'], rule['to_port'], group_id, ip)
|
|
|
|
ruleId = make_rule_key('in', rule, group_id, ip)
|
|
|
|
if ruleId in groupRules:
|
|
|
|
if ruleId in groupRules:
|
|
|
|
del groupRules[ruleId]
|
|
|
|
del groupRules[ruleId]
|
|
|
|
# Otherwise, add new rule
|
|
|
|
# Otherwise, add new rule
|
|
|
@ -320,7 +330,7 @@ def main():
|
|
|
|
rule['to_port'] = None
|
|
|
|
rule['to_port'] = None
|
|
|
|
|
|
|
|
|
|
|
|
# If rule already exists, don't later delete it
|
|
|
|
# If rule already exists, don't later delete it
|
|
|
|
ruleId = "%s-%s-%s-%s-%s-%s" % ('out', rule['proto'], rule['from_port'], rule['to_port'], group_id, ip)
|
|
|
|
ruleId = make_rule_key('out', rule, group_id, ip)
|
|
|
|
if ruleId in groupRules:
|
|
|
|
if ruleId in groupRules:
|
|
|
|
del groupRules[ruleId]
|
|
|
|
del groupRules[ruleId]
|
|
|
|
# Otherwise, add new rule
|
|
|
|
# Otherwise, add new rule
|
|
|
|
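Review bot: In make_rule_key, a rule with a missing field no longer fails. `rule.get(x, None)` and `getattr(rule, x, None)` fold an absent `proto`/`ip_protocol` into the literal text `None` inside the key, where the replaced `rule['proto']` lookups in main() raised KeyError. Both main() hunks use this key for `if ruleId in groupRules: del groupRules[ruleId]`, so a key that silently never matches leaves the existing security-group rule in groupRules, which the comment there says is later deleted; the purge code is outside these hunks, so that consequence is inferred. I would fail loudly after the if/else, e.g. `if proto is None: raise ValueError("rule has no protocol: %r" % (rule,))`, and allow None only for the ports. The return line would also benefit from a comment such as `# lower() also lowers the 'None' of unset fields; restore it`, since `replace('-none', '-None')` runs over the whole key rather than per field.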