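import hmac
import time
import logging
import os
from functools import wraps

from util import getorraise, _revoke, PyLogReqLogger, GRANT_KEY_FORMULA, fix_cidr

import redis
import boto.ec2
from boto.utils import RequestHook
from flask import Flask
from flask import request, redirect, Response, render_template

app = Flask(__name__)

# Required settings. getorraise is a project helper from util (not visible
# here); presumably it reads the named environment variable and raises when
# it is unset -- confirm against util.
port = getorraise('PORT', 'HTTP listen port')
# Single shared secret compared against the client-supplied password in
# check_auth(). Keep it out of logs and error pages.
password = getorraise('PASSWORD', 'HTTP Password')
aws_access = getorraise('AWS_ACCESS_KEY', 'AWS access key')
aws_secret = getorraise('AWS_SECRET_KEY', 'AWS secret key')
boto_region = getorraise('AWS_REGION', 'AWS region')
redis_url = getorraise('REDIS_URL', 'Redis URL')

# Only the *presence* of DEBUG is tested: DEBUG=0, DEBUG=false and an empty
# DEBUG all turn debug on.
# NOTE(review): how `debug` is consumed is not visible here; if it reaches
# Flask's debug mode, make sure it is never set in production.
debug = os.getenv('DEBUG')
debug = debug is not None


def _as_bytes(value):
    """Return *value* as bytes so hmac.compare_digest accepts non-ASCII text."""
    return value if isinstance(value, bytes) else value.encode('utf-8')


def check_auth(given_username, given_password):
    """Return True when the username / password combination is valid.

    The only accepted username is 'root'; the password must equal the
    configured PASSWORD setting. A missing (None) username or password is
    rejected, as before.

    The comparisons use hmac.compare_digest instead of ``==`` so that the
    time taken does not depend on how many leading characters of the guess
    are correct. Both comparisons always run; the result is combined only
    afterwards.
    """
    if given_username is None or given_password is None:
        return False
    # assumes `password` is a text or bytes value -- TODO confirm against
    # util.getorraise
    username_ok = hmac.compare_digest(_as_bytes(given_username), b'root')
    password_ok = hmac.compare_digest(_as_bytes(given_password),
                                      _as_bytes(password))
    return username_ok and password_ok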
import argparse
import logging
import time

from util import _revoke, getorraise, PyLogReqLogger, GRANT_KEY_FORMULA

import redis
import boto.ec2

# Required settings. getorraise is a project helper from util (not visible
# here); presumably it reads the named environment variable and raises when
# it is unset -- confirm against util.
aws_access = getorraise('AWS_ACCESS_KEY', 'AWS access key')
aws_secret = getorraise('AWS_SECRET_KEY', 'AWS secret key')
boto_region = getorraise('AWS_REGION', 'AWS region')
redis_url = getorraise('REDIS_URL', 'Redis URL')

# Redis client built from REDIS_URL.
rds = redis.from_url(redis_url)

# EC2 connection for the configured region, using the static access key pair
# read above.
ec2 = boto.ec2.connect_to_region(boto_region,
                                 aws_access_key_id=aws_access,
                                 aws_secret_access_key=aws_secret)
# Install the project's request hook on every EC2 API call.
# NOTE(review): PyLogReqLogger is defined in util; confirm that what it logs
# does not include credentials or signed request headers.
ec2.set_request_hook(PyLogReqLogger())

parser = argparse.ArgumentParser(description='Revoke old security group rules')
parser.add_argument('--dry', dest='dry', action='store_true',
                    help='Dry run: don\'t actually remove security group rules that have expired')
# Parsed at module level, i.e. before the __main__ guard below, so importing
# this module also parses sys.argv.
args = parser.parse_args()

if __name__ == "__main__":
    # Send INFO-and-above records from the root logger to a StreamHandler.
    logger = logging.getLogger()
    logger.setLevel(logging.INFO)
    logger.addHandler(logging.StreamHandler())

    # Walk every rule of every security group returned by the EC2 API.
    security_groups = ec2.get_all_security_groups()
    for security_group in security_groups:
        for rule in security_group.rules:
            # NOTE(review): the listing is cut off here; the rest of the
            # per-rule processing is not visible.
            grants_with_cidrs = []