def decorated(*args, **kwargs): ec2 = boto.ec2.connect_to_region(boto_region, aws_access_key_id=aws_access, aws_secret_access_key=aws_secret) ec2.set_request_hook(PyLogReqLogger()) kwargs['ec2'] = ec2 return f(*args, **kwargs)
import argparse import logging import time from util import _revoke, getorraise, PyLogReqLogger, GRANT_KEY_FORMULA import redis import boto.ec2 aws_access = getorraise('AWS_ACCESS_KEY', 'AWS access key') aws_secret = getorraise('AWS_SECRET_KEY', 'AWS secret key') boto_region = getorraise('AWS_REGION', 'AWS region') redis_url = getorraise('REDIS_URL', 'Redis URL') rds = redis.from_url(redis_url) ec2 = boto.ec2.connect_to_region(boto_region, aws_access_key_id=aws_access, aws_secret_access_key=aws_secret) ec2.set_request_hook(PyLogReqLogger()) parser = argparse.ArgumentParser(description='Revoke old security group rules') parser.add_argument('--dry', dest='dry', action='store_true', help='Dry run: don\'t actually remove security group rules that have expired') args = parser.parse_args() if __name__ == "__main__": logger = logging.getLogger() logger.setLevel(logging.INFO) logger.addHandler(logging.StreamHandler()) security_groups = ec2.get_all_security_groups() for security_group in security_groups: for rule in security_group.rules: grants_with_cidrs = []