def sync(config, args):
    """
    Synchronize groups/rules with your configured policy. Adds new
    groups/rules and REMOVES groups/rules not defined in the configuration
    file.

    Only rule reconciliation is performed here, and it is skipped entirely
    when ``args.groups_only`` is set. Rules present in the policy but not in
    AWS are authorized first; rules present in AWS but absent from the
    policy are revoked afterwards.

    Args:
        config: Configuration object handed to ``util.regions``,
            ``aws.account_id``, ``policy.parse`` and ``aws.policy``.
        args: Parsed command-line options; ``groups_only`` and ``debug``
            are read.

    Returns:
        None. The outcome of every rule is reported on stdout only.
    """
    regions = util.regions(config)
    account_id = aws.account_id(config)

    if args.groups_only:
        return

    line_format = "%s FROM: %s TO: %s PROTOCOL: %s PORT/TYPE: %s"

    def _apply(rules, operation, ok_label, fail_label):
        # Run one AWS call per rule and print a status line for each.
        for rule in rules:
            try:
                if operation(rule, account_id):
                    action = ok_label
                else:
                    action = fail_label
            except (BotoClientError, BotoServerError) as exc:
                # NOTE(review): a failed call is only reported on stdout;
                # nothing is raised or returned. A rule that could not be
                # revoked therefore stays active in AWS while this function
                # still completes normally, so automation must parse the
                # output to notice the drift from policy.
                action = fail_label
                if args.debug:
                    print("DEBUG: %s" % exc)
            print(line_format % (action, rule["source"], rule["target"],
                                 rule["protocol"], rule["port/type"]))

    # Expand every parsed policy rule into one concrete rule per region.
    # The list concatenation relies on Python 2's list-returning items().
    policy_rules = []
    for rule in policy.parse(config):
        for region in regions:
            policy_rules.append(dict([("region", region)] + rule.items()))
    aws_rules = aws.policy(config)

    # Authorize before revoking: until the second pass finishes, the
    # effective rule set is the union of old and new rules.
    missing = [rule for rule in policy_rules if rule not in aws_rules]
    _apply(missing, aws.authorize, "ADDED", "FAILED ADDING")

    # Destructive pass: anything AWS has that the policy does not is revoked.
    stale = [rule for rule in aws_rules if rule not in policy_rules]
    _apply(stale, aws.revoke, "REMOVED", "FAILED REMOVING")
conn.create_security_group(group, description=".") action = "CREATED" except (BotoClientError, BotoServerError), exc: action = "FAILED CREATING" if args.debug: print "DEBUG: %s" % exc print "%s %s in %s" % (action, group, region) if not args.groups_only: policy_rules = [ dict([("region", region)] + rule.items()) for rule in policy.parse(config) for region in regions ] aws_rules = aws.policy(config) update_rules = [rule for rule in policy_rules if rule not in aws_rules] for rule in update_rules: try: result = aws.authorize(rule, account_id) if result: action = "ADDED" else: action = "FAILED ADDING" except (BotoClientError, BotoServerError), exc: action = "FAILED ADDING" if args.debug: print "DEBUG: %s" % exc template = "%s FROM: %s TO: %s PROTOCOL: %s PORT/TYPE: %s" print template % (action, rule["source"], rule["target"], rule["protocol"], rule["port/type"]) def sync(config, args): """ Synchronize groups/rules with your configured policy. Adds new