def get_security_groups(request, security_group_ids):
security_groups = []
for group in security_group_ids or []:
try:
security_groups.append(network.security_group_get(request, group))
except Exception:
LOG.info(_("Unable to retrieve security group %(group)s.") % {"group": group})
security_groups.append({"name": group})
return security_groups
def get_security_groups(request, security_group_ids):
security_groups = []
for group in security_group_ids or []:
try:
security_groups.append(network.security_group_get(request, group))
except Exception:
LOG.info(
_('Unable to retrieve security group %(group)s.') %
{'group': group})
security_groups.append({'name': group})
return security_groups
def import_openstack_sg(request, openstack_sg_id):
"""Import security group from OpenStack."""
openstack_sg = network.security_group_get(request, openstack_sg_id)
if openstack_sg.description == "":
openstack_sg.description = "No Description"
# If a security group with the same name exists, delete it and create a new one.
old_sg = get_security_group(request, openstack_sg.name)
if old_sg:
delete_security_group(request, old_sg.get("id"))
ec2_sg = ec2_resource(request).create_security_group(
GroupName=openstack_sg.name, Description=openstack_sg.description)
for rule in openstack_sg.rules:
try:
LOG.debug("start rule : {}".format(rule))
kwargs = {
"IpProtocol":
rule.get("ip_protocol") if rule.get("ip_protocol") else "tcp",
"FromPort":
rule.get("from_port") if rule.get("from_port") else -1,
"ToPort":
rule.get("to_port") if rule.get("to_port") else -1
}
if rule.get("ethertype") == "IPv4":
kwargs["CidrIp"] = str(
rule.get("ip_range", {}).get("cidr", "0.0.0.0/0"))
if rule.get("direction") == "ingress":
LOG.debug("Add ingress rule : {}".format(kwargs))
ec2_sg.authorize_ingress(**kwargs)
elif rule.get("direction") == "egress":
LOG.debug("Add egress rule : {}".format(kwargs))
ec2_sg.authorize_egress(**kwargs)
elif rule.get("ethertype") == "IPv6":
# EC2 IPv6 format support
LOG.debug("IPv6 format not support : {}".format(rule))
except BaseException as e:
LOG.error(
"Import Fail. Cause : {} Rule format something wrong : {}".
format(e, rule))