def modify_sg_policy(sg_id, accesskey_id, accesskey_secret, region_id):
    """Interactively revoke ingress rules from one security group.

    Each pass prompts for a protocol, a port range and a source CIDR block,
    sends a RevokeSecurityGroupRequest for ``sg_id`` and prints the result.
    The operator can then add a replacement rule via ``create_sg_policy``
    and decide whether to go round again. Only an answer of "N" to the last
    question ends the loop.

    The typed values are handed to the API exactly as entered; nothing is
    validated locally, and exceptions from the API call are not caught here.
    This is Python 2 code (``raw_input``).

    Args:
        sg_id: ID of the security group whose rule is revoked.
        accesskey_id: access key ID used to build the API client.
        accesskey_secret: access key secret used to build the API client.
        region_id: region the API client is created for.

    Returns:
        None.
    """
    # NOTE(review): `upper` is not defined in this snippet; presumably it is
    # `from string import upper` (Python 2 only) -- confirm.
    while True:
        print("Now, we will modify safe group ingress policy...")
        print("First, we need to REVOKE the policy...")
        protocol = raw_input("Please select protocal:")
        ports = raw_input("Please select port range:")
        cidr = raw_input("Please select source CiDr block:")

        # A new client is built on every pass from the caller's credentials.
        acs = client.AcsClient(accesskey_id, accesskey_secret, region_id)

        revoke_req = RevokeSecurityGroupRequest.RevokeSecurityGroupRequest()
        revoke_req.set_accept_format('json')
        revoke_req.set_SecurityGroupId(sg_id)
        revoke_req.set_IpProtocol(protocol)
        revoke_req.set_PortRange(ports)
        revoke_req.set_SourceCidrIp(cidr)
        print(acs.do_action_with_exception(revoke_req))

        print("Do you want to create a new policy?")
        if upper(raw_input("Y/N:")) == "Y":
            create_sg_policy(sg_id, accesskey_id, accesskey_secret, region_id)

        print("Do you want to modify another safe group policy?")
        if upper(raw_input("Y/N:")) == "N":
            return
def revokeIngress(groupId, permission):
    """Revoke one ingress rule from a security group and return the reply.

    Args:
        groupId: ID of the security group the rule is removed from.
        permission: mapping that must contain 'SourceCidrIp', 'IpProtocol'
            and 'PortRange'; a missing key raises KeyError before anything
            is sent.

    Returns:
        The API response decoded with ``json.loads``.
    """
    revoke = RevokeSecurityGroupRequest.RevokeSecurityGroupRequest()
    revoke.set_SecurityGroupId(groupId)
    # Copy the rule fields across in the same order as the explicit setters.
    for field in ('SourceCidrIp', 'IpProtocol', 'PortRange'):
        getattr(revoke, 'set_' + field)(permission[field])
    # `client` is a module-level object defined outside this snippet.
    return json.loads(client.do_action_with_exception(revoke))
 def revokeSecurityGroupRequest(self,SecurityGroupID,IpProtocol,PortRange,SourceCidrIp,Priority):
     """Build (but do not send) a request that revokes a security group rule.

     The region is hard-coded to 'cn-shenzhen' whatever the caller intends;
     the rule is identified by protocol, port range, source CIDR and
     priority.

     Returns:
         The populated RevokeSecurityGroupRequest, with JSON as the accept
         format.
     """
     revoke = RevokeSecurityGroupRequest.RevokeSecurityGroupRequest()
     revoke.set_SecurityGroupId(SecurityGroupID)
     # Original author's note: this needs changing to East China 1 (cn-hangzhou).
     revoke.add_query_param('RegionId', 'cn-shenzhen')
     revoke.set_IpProtocol(IpProtocol)
     revoke.set_PortRange(PortRange)
     revoke.set_SourceCidrIp(SourceCidrIp)
     revoke.set_Priority(Priority)
     revoke.set_accept_format('json')
     return revoke
def deloldRULE(func):
    """Revoke the intranet TCP rules for two fixed port ranges.

    For each of '3000/3000' and '34872/34872' a revoke request is built for
    the hard-coded region and security group placeholder, sent through the
    module-level ``clt`` client, and the response is printed.

    Args:
        func: zero-argument callable; its return value is sent as the
            source CIDR of the rule to revoke. It is called once per port
            range.
    """
    for port_range in ('3000/3000', '34872/34872'):
        # Set the request parameters.
        revoke = RevokeSecurityGroupRequest.RevokeSecurityGroupRequest()
        revoke.set_accept_format('json')
        add = revoke.add_query_param
        add('RegionId', 'cn-hangzhou')
        add('SecurityGroupId', '目标安全组ID')
        add('IpProtocol', 'tcp')
        add('PortRange', port_range)
        add('SourceCidrIp', func())
        # Without this parameter the public-network (internet) rule is the
        # one deleted.
        add('NicType', 'intranet')
        # Send the request.
        # NOTE(review): the response is only printed, never inspected, so a
        # failed revoke is visible only in that output -- confirm callers
        # check it.
        print(clt.do_action(revoke))
 def revokeSecurityGroupRequest(self,
                                SecurityGroupId,
                                IpProtocol,
                                PortRange,
                                NicType='internet',
                                Policy='accept',
                                Priority='1'):
     """Build (but do not send) a request deleting one inbound rule.

     The rule is described by protocol, port range, NIC type, policy and
     priority. Defaults are NicType='internet', Policy='accept' and
     Priority='1'.

     Returns:
         The populated RevokeSecurityGroupRequest, with JSON as the accept
         format.
     """
     # NOTE(review): no source CIDR or source group is set here; presumably
     # the caller adds one before sending -- confirm.
     revoke = RevokeSecurityGroupRequest.RevokeSecurityGroupRequest()
     revoke.set_SecurityGroupId(SecurityGroupId)
     revoke.set_NicType(NicType)
     revoke.set_IpProtocol(IpProtocol)
     revoke.set_PortRange(PortRange)
     revoke.set_Policy(Policy)
     revoke.set_Priority(Priority)
     revoke.set_accept_format('json')
     return revoke