def configure(self):
EC2Request.configure(self)
if (self.args['group'].startswith('sg-')
and len(self.args['group']) == 11):
# The check could probably be a little better, but meh. Fix if
# needed.
self.params['GroupId'] = self.args['group']
else:
if self.args['egress']:
raise ArgumentError('egress rules must use group IDs, not '
'names')
self.params['GroupName'] = self.args['group']
target_group = self.args.get('target_group')
if target_group is not None:
if target_group.startswith('sg-') and len(target_group) == 11:
# Same note as above
self.params['IpPermissions.1.Groups.1.GroupId'] = target_group
else:
if self.args['egress']:
raise ArgumentError('argument -o: egress rules must use '
'group IDs, not names')
self.params[
'IpPermissions.1.Groups.1.GroupName'] = target_group
protocol = self.args.get('IpPermissions.1.IpProtocol')
if str(protocol).lower() in ('icmp', 'tcp', 'udp', '1', '6', '17'):
from_port, to_port = parse_ports(protocol,
self.args.get('port_range'),
self.args.get('icmp_type_code'))
self.params['IpPermissions.1.FromPort'] = from_port
self.params['IpPermissions.1.ToPort'] = to_port
elif str(protocol).lower() in ('all', '-1'):
self.params['IpPermissions.1.IpProtocol'] = -1
elif not str(protocol).isdigit():
try:
self.params['IpPermissions.1.IpProtocol'] = \
socket.getprotobyname(protocol)
except socket.error:
raise ArgumentError(
'argument -P: no such protocol: {0}'.format(protocol))
if (not self.args.get('IpPermissions.1.IpRanges.1.GroupName')
and not self.args.get('IpPermissions.1.IpRanges.1.CidrIp')):
# Default rule target is the entire Internet
self.params['IpPermissions.1.IpRanges.1.CidrIp'] = '0.0.0.0/0'
if (self.params.get('IpPermissions.1.Groups.1.GroupName')
and not self.args.get('IpPermissions.1.Groups.1.UserId')):
raise ArgumentError('argument -u is required when -o names a '
'security group by name')
def configure(self):
EC2Request.configure(self)
if self.args['group'].startswith('sg-'):
# The check could probably be a little better, but meh. Fix if
# needed.
self.params['GroupId'] = self.args['group']
else:
if self.args['egress']:
raise ArgumentError('egress rules must use group IDs, not '
'names')
self.params['GroupName'] = self.args['group']
target_group = self.args.get('target_group')
if target_group is not None:
if target_group.startswith('sg-'):
# Same note as above
self.params['IpPermissions.1.Groups.1.GroupId'] = target_group
else:
if self.args['egress']:
raise ArgumentError('argument -o: egress rules must use '
'group IDs, not names')
self.params['IpPermissions.1.Groups.1.GroupName'] = \
target_group
protocol = self.args.get('IpPermissions.1.IpProtocol')
if str(protocol).lower() in ('icmp', 'tcp', 'udp', '1', '6', '17'):
from_port, to_port = parse_ports(
protocol, self.args.get('port_range'),
self.args.get('icmp_type_code'))
self.params['IpPermissions.1.FromPort'] = from_port
self.params['IpPermissions.1.ToPort'] = to_port
elif str(protocol).lower() in ('all', '-1'):
self.params['IpPermissions.1.IpProtocol'] = -1
elif not str(protocol).isdigit():
try:
self.params['IpPermissions.1.IpProtocol'] = \
socket.getprotobyname(protocol)
except socket.error:
raise ArgumentError('argument -P: no such protocol: {0}'
.format(protocol))
if (not self.args.get('IpPermissions.1.IpRanges.1.GroupName') and
not self.args.get('IpPermissions.1.IpRanges.1.CidrIp')):
# Default rule target is the entire Internet
self.params['IpPermissions.1.IpRanges.1.CidrIp'] = '0.0.0.0/0'
if (self.params.get('IpPermissions.1.Groups.1.GroupName') and
not self.args.get('IpPermissions.1.Groups.1.UserId')):
raise ArgumentError('argument -u is required when -o names a '
'security group by name')
def configure(self):
EC2Request.configure(self)
if (self.args['group'].startswith('sg-')
and len(self.args['group']) == 11):
# The check could probably be a little better, but meh. Fix if
# needed.
self.params['GroupId'] = self.args['group']
else:
if self.args['egress']:
raise ArgumentError('egress rules must use group IDs, not '
'names')
self.params['GroupName'] = self.args['group']
target_group = self.args.get('target_group')
if target_group is not None:
if target_group.startswith('sg-') and len(target_group) == 11:
# Same note as above
self.params['IpPermissions.1.Groups.1.GroupId'] = target_group
else:
if self.args['egress']:
raise ArgumentError('argument -o: egress rules must use '
'group IDs, not names')
self.params[
'IpPermissions.1.Groups.1.GroupName'] = target_group
from_port, to_port = parse_ports(
self.args.get('IpPermissions.1.IpProtocol'),
self.args.get('port_range'), self.args.get('icmp_type_code'))
self.params['IpPermissions.1.FromPort'] = from_port
self.params['IpPermissions.1.ToPort'] = to_port
if (not self.args.get('IpPermissions.1.IpRanges.1.GroupName')
and not self.args.get('IpPermissions.1.IpRanges.1.CidrIp')):
# Default rule target is the entire Internet
self.params['IpPermissions.1.IpRanges.1.CidrIp'] = '0.0.0.0/0'
if (self.params.get('IpPermissions.1.Groups.1.GroupName')
and not self.args.get('IpPermissions.1.Groups.1.UserId')):
raise ArgumentError('argument -u is required when -o names a '
'security group by name')
def configure(self):
EC2Request.configure(self)
if (self.args['group'].startswith('sg-') and
len(self.args['group']) == 11):
# The check could probably be a little better, but meh. Fix if
# needed.
self.params['GroupId'] = self.args['group']
else:
if self.args['egress']:
raise ArgumentError('egress rules must use group IDs, not '
'names')
self.params['GroupName'] = self.args['group']
target_group = self.args.get('target_group')
if (target_group is not None and target_group.startswith('sg-') and
len(target_group) == 11):
# Same note as above
self.params['IpPermissions.1.Groups.1.GroupId'] = target_group
else:
if self.args['egress']:
raise ArgumentError('argument -o: egress rules must use group '
'IDs, not names')
self.params['IpPermissions.1.Groups.1.GroupName'] = target_group
from_port, to_port = parse_ports(
self.args.get('IpPermissions.1.IpProtocol'),
self.args.get('port_range'), self.args.get('icmp_type_code'))
self.params['IpPermissions.1.FromPort'] = from_port
self.params['IpPermissions.1.ToPort'] = to_port
if (not self.args.get('IpPermissions.1.IpRanges.1.GroupName') and
not self.args.get('IpPermissions.1.IpRanges.1.CidrIp')):
# Default rule target is the entire Internet
self.params['IpPermissions.1.IpRanges.1.CidrIp'] = '0.0.0.0/0'
if (self.params.get('IpPermissions.1.Groups.1.GroupName') and
not self.args.get('IpPermissions.1.Groups.1.UserId')):
raise ArgumentError('argument -u is required when -o names a '
'security group by name')
def configure(self):
EC2Request.configure(self)
if not self.params.get('Egress'):
self.params['Egress'] = False
proto = self.args.get('Protocol') or -1
try:
self.params['Protocol'] = int(proto)
except ValueError:
if proto.lower() == 'all':
self.params['Protocol'] = -1
else:
try:
self.params['Protocol'] = socket.getprotobyname(proto)
except socket.error:
raise ArgumentError('argument -n/--rule-number: unknown '
'protocol "{0}"'.format(proto))
from_port, to_port = parse_ports(proto, self.args.get('port_range'),
self.args.get('icmp_type_code'))
if self.params['Protocol'] == 1: # ICMP
self.params['Icmp.Type'] = from_port
self.params['Icmp.Code'] = to_port
else:
self.params['PortRange.From'] = from_port
self.params['PortRange.To'] = to_port
def configure(self):
EC2Request.configure(self)
if not self.params.get('Egress'):
self.params['Egress'] = False
proto = self.args.get('Protocol') or -1
try:
self.params['Protocol'] = int(proto)
except ValueError:
if proto.lower() == 'all':
self.params['Protocol'] = -1
else:
try:
self.params['Protocol'] = socket.getprotobyname(proto)
except socket.error:
raise ArgumentError('argument -n/--rule-number: unknown '
'protocol "{0}"'.format(proto))
from_port, to_port = parse_ports(proto, self.args.get('port_range'),
self.args.get('icmp_type_code'))
if self.params['Protocol'] == 1: # ICMP
self.params['Icmp.Type'] = from_port
self.params['Icmp.Code'] = to_port
else:
self.params['PortRange.From'] = from_port
self.params['PortRange.To'] = to_port
