def process_cli_args(self):
# We need to parse out -t and -p *before* argparse can see it because
# of Python bug 9334, which prevents argparse from recognizing '-1:-1'
# as an option value and not a (nonexistent) option name.
saved_sys_argv = list(sys.argv)
def parse_neg_one_value(opt_name):
if opt_name in sys.argv:
index = sys.argv.index(opt_name)
if (index < len(sys.argv) - 1 and
sys.argv[index + 1].startswith('-1')):
opt_val = sys.argv[index + 1]
del sys.argv[index:index + 2]
return opt_val
icmp_type_code = (parse_neg_one_value('-t') or
parse_neg_one_value('--icmp-type-code'))
port_range = (parse_neg_one_value('-p') or
parse_neg_one_value('--port-range'))
EC2Request.process_cli_args(self)
if icmp_type_code:
self.args['icmp_type_code'] = icmp_type_code
if port_range:
self.args['port_range'] = port_range
sys.argv = saved_sys_argv
def configure(self):
EC2Request.configure(self)
if not self.params.get('Storage.S3.AWSAccessKeyId'):
config_key_id = self.config.get_user_option('key-id')
if config_key_id:
self.log.info('Using access key ID %s from configuration',
config_key_id)
self.params['Storage.S3.AWSAccessKeyId'] = config_key_id
else:
raise ArgumentError('argument -o/--owner-akid is required')
if not self.params.get('Storage.S3.UploadPolicy'):
if not self.args.get('owner_sak'):
config_secret_key = self.config.get_user_option('secret-key')
if config_secret_key:
self.log.info('Using secret key from configuration')
self.args['owner_sak'] = config_secret_key
else:
raise ArgumentError('argument -w/--owner-sak is required '
'when -c/--policy is not used')
elif not self.args.get('Storage.S3.UploadPolicySignature'):
if not self.args.get('owner_sak'):
config_secret_key = self.config.get_user_option('secret-key')
if config_secret_key:
self.log.info('Using secret key from configuration')
self.args['owner_sak'] = config_secret_key
else:
raise ArgumentError('argument -w/--owner-sak is required '
'when -s/--policy-signature is not '
'used')
def process_cli_args(self):
# We need to parse out -t and -p *before* argparse can see it because
# of Python bug 9334, which prevents argparse from recognizing '-1:-1'
# as an option value and not a (nonexistent) option name.
saved_sys_argv = list(sys.argv)
def parse_neg_one_value(opt_name):
if opt_name in sys.argv:
index = sys.argv.index(opt_name)
if (index < len(sys.argv) - 1
and sys.argv[index + 1].startswith('-1')):
opt_val = sys.argv[index + 1]
del sys.argv[index:index + 2]
return opt_val
icmp_type_code = (parse_neg_one_value('-t')
or parse_neg_one_value('--icmp-type-code'))
port_range = (parse_neg_one_value('-p')
or parse_neg_one_value('--port-range'))
EC2Request.process_cli_args(self)
if icmp_type_code:
self.args['icmp_type_code'] = icmp_type_code
if port_range:
self.args['port_range'] = port_range
sys.argv = saved_sys_argv
def configure(self):
EC2Request.configure(self)
self.configure_s3_access()
if self.params['Image.Format'].upper() in ('VMDK', 'VHD', 'RAW'):
self.params['Image.Format'] = self.params['Image.Format'].upper()
if not self.params.get('Image.Bytes'):
if self.params['Image.Format'] == 'RAW':
image_size = euca2ools.util.get_filesize(self.args['source'])
self.params['Image.Bytes'] = image_size
elif self.params['Image.Format'] == 'VMDK':
image_size = euca2ools.util.get_vmdk_image_size(
self.args['source'])
self.params['Image.Bytes'] = image_size
else:
raise ArgumentError(
'argument --image-size is required for {0} files'.format(
self.params['Image.Format']))
if not self.params.get('Volume.Size'):
vol_size = math.ceil(self.params['Image.Bytes'] / 2**30)
self.params['Volume.Size'] = int(vol_size)
if not self.args.get('expires'):
self.args['expires'] = 30
if self.args['expires'] < 1:
raise ArgumentError(
'argument -x/--expires: value must be positive')
def configure(self):
EC2Request.configure(self)
if self.args.get('user_data'):
if os.path.isfile(self.args['user_data']):
raise ArgumentError(
'argument -d/--user-data: to pass the contents of a file '
'as user data, use -f/--user-data-file. To pass the '
"literal value '{0}' as user data even though it matches "
'the name of a file, use --user-data-force.')
else:
self.params['UserData'] = base64.b64encode(
self.args['user_data'])
elif self.args.get('user_data_force'):
self.params['UserData'] = base64.b64encode(
self.args['user_data_force'])
elif self.args.get('user_data_file'):
with open(self.args['user_data_file']) as user_data_file:
self.params['UserData'] = base64.b64encode(
user_data_file.read())
if self.args.get('KeyName') is None:
default_key_name = self.config.get_region_option(
'ec2-default-keypair')
if default_key_name:
self.log.info("using default key pair '%s'", default_key_name)
self.params['KeyName'] = default_key_name
def configure(self):
EC2Request.configure(self)
self.configure_s3_access()
if (self.params['DiskImage.1.Image.Format'].upper() in
('VMDK', 'VHD', 'RAW')):
self.params['DiskImage.1.Image.Format'] = \
self.params['DiskImage.1.Image.Format'].upper()
if not self.params.get('DiskImage.1.Image.Bytes'):
if self.params['DiskImage.1.Image.Format'] == 'RAW':
image_size = euca2ools.util.get_filesize(self.args['source'])
self.params['DiskImage.1.Image.Bytes'] = image_size
else:
raise ArgumentError(
'argument --image-size is required for {0} files'
.format(self.params['DiskImage.1.Image.Format']))
if not self.params.get('DiskImage.1.Volume.Size'):
vol_size = math.ceil(self.params['DiskImage.1.Image.Bytes'] /
2 ** 30)
self.params['DiskImage.1.Volume.Size'] = int(vol_size)
if not self.args.get('expires'):
self.args['expires'] = 30
if self.args['expires'] < 1:
raise ArgumentError(
'argument -x/--expires: value must be positive')
def configure(self):
EC2Request.configure(self)
if not self.params.get('Storage.S3.AWSAccessKeyId'):
config_key_id = self.config.get_user_option('key-id')
if config_key_id:
self.log.info('Using access key ID %s from configuration',
config_key_id)
self.params['Storage.S3.AWSAccessKeyId'] = config_key_id
else:
raise ArgumentError('argument -o/--owner-akid is required')
if not self.params.get('Storage.S3.UploadPolicy'):
if not self.args.get('owner_sak'):
config_secret_key = self.config.get_user_option('secret-key')
if config_secret_key:
self.log.info('Using secret key from configuration')
self.args['owner_sak'] = config_secret_key
else:
raise ArgumentError('argument -w/--owner-sak is required '
'when -c/--policy is not used')
elif not self.args.get('Storage.S3.UploadPolicySignature'):
if not self.args.get('owner_sak'):
config_secret_key = self.config.get_user_option('secret-key')
if config_secret_key:
self.log.info('Using secret key from configuration')
self.args['owner_sak'] = config_secret_key
else:
raise ArgumentError('argument -w/--owner-sak is required '
'when -s/--policy-signature is not '
'used')
def configure(self):
EC2Request.configure(self)
if self.args.get('user_data'):
if os.path.isfile(self.args['user_data']):
raise ArgumentError(
'argument -d/--user-data: to pass the contents of a file '
'as user data, use -f/--user-data-file. To pass the '
"literal value '{0}' as user data even though it matches "
'the name of a file, use --user-data-force.')
else:
self.params['UserData'] = base64.b64encode(
self.args['user_data'])
elif self.args.get('user_data_force'):
self.params['UserData'] = base64.b64encode(
self.args['user_data_force'])
elif self.args.get('user_data_file'):
with open(self.args['user_data_file']) as user_data_file:
self.params['UserData'] = base64.b64encode(
user_data_file.read())
if self.args.get('KeyName') is None:
default_key_name = self.config.get_region_option(
'ec2-default-keypair')
if default_key_name:
self.log.info("using default key pair '%s'", default_key_name)
self.params['KeyName'] = default_key_name
def configure(self):
EC2Request.configure(self)
gateway_id = self.args['gateway_id']
if gateway_id:
if gateway_id.startswith('nat-'):
self.params['NatGatewayId'] = gateway_id
else:
self.params['GatewayId'] = gateway_id
def configure(self):
EC2Request.configure(self)
if (self.args.get('Reset') and any(
self.args.get(attr) is not None
for attr in ('Cpu', 'Disk', 'Memory'))):
# Basically, reset is mutually exclusive with everything else.
raise ArgumentError('argument --reset may not be used with '
'instance type attributes')
def configure(self):
EC2Request.configure(self)
if (self.args.get('Reset') and
any(self.args.get(attr) is not None for attr in
('Cpu', 'Disk', 'Memory'))):
# Basically, reset is mutually exclusive with everything else.
raise ArgumentError('argument --reset may not be used with '
'instance type attributes')
def configure(self):
EC2Request.configure(self)
if self.args.get("PublicIp") is not None and self.args.get("AllocationId") is not None:
# Can't be both EC2 and VPC
raise ArgumentError("argument -a/--allocation-id: not allowed with an IP address")
if self.args.get("PublicIp") is None and self.args.get("AllocationId") is None:
# ...but we still have to be one of them
raise ArgumentError("argument -a/--allocation-id or an IP address is required")
def configure(self):
EC2Request.configure(self)
self.configure_s3_access()
if not self.args.get('expires'):
self.args['expires'] = 30
if self.args['expires'] < 1:
raise ArgumentError(
'argument -x/--expires: value must be positive')
def configure(self):
EC2Request.configure(self)
if self.args.get("positional_interface"):
if self.params.get("NetworkInterfaceId"):
# Shouldn't be supplied both positionally and optionally
raise ArgumentError("unrecognized arguments: {0}".format(self.args["positional_interface"]))
self.params["NetworkInterfaceId"] = self.args["positional_interface"]
if not self.params.get("NetworkInterfaceId"):
raise ArgumentError("argument -n/--network-interface is required")
def configure(self):
EC2Request.configure(self)
if not self.args.get('Size') and not self.args.get('SnapshotId'):
raise ArgumentError('-s/--size or --snapshot must be specified')
if self.args.get('Iops') and not self.args.get('VolumeType'):
raise ArgumentError('argument -i/--iops: -t/--type is required')
if self.args.get('Iops') and self.args.get('VolumeType') == 'standard':
raise ArgumentError(
'argument -i/--iops: not allowed with volume type "standard"')
def configure(self):
EC2Request.configure(self)
if self.args.get('all'):
if self.args.get('Owner'):
raise ArgumentError('argument -a/--all: not allowed with '
'argument -o/--owner')
if self.args.get('RestorableBy'):
raise ArgumentError('argument -a/--all: not allowed with '
'argument -r/--restorable-by')
def configure(self):
EC2Request.configure(self)
if self.args.get('all'):
if self.args.get('Owner'):
raise ArgumentError('argument -a/--all: not allowed with '
'argument -o/--owner')
if self.args.get('RestorableBy'):
raise ArgumentError('argument -a/--all: not allowed with '
'argument -r/--restorable-by')
def configure(self):
EC2Request.configure(self)
if self.args.get('positional_vpc'):
if self.params.get('VpcId'):
# Shouldn't be supplied both positionally and optionally
raise ArgumentError('unrecognized arguments: {0}'.format(
self.args['positional_vpc']))
self.params['VpcId'] = self.args['positional_vpc']
if not self.params.get('VpcId'):
raise ArgumentError('argument -c/--vpc is required')
def configure(self):
EC2Request.configure(self)
if self.args.get('positional_vpc'):
if self.params.get('VpcId'):
# Shouldn't be supplied both positionally and optionally
raise ArgumentError('unrecognized arguments: {0}'.format(
self.args['positional_vpc']))
self.params['VpcId'] = self.args['positional_vpc']
if not self.params.get('VpcId'):
raise ArgumentError('argument -c/--vpc is required')
def configure(self):
EC2Request.configure(self)
if self.args.get('positional_cidr'):
if self.params.get('CidrBlock'):
# Shouldn't be supplied both positionally and optionally
raise ArgumentError('unrecognized arguments: {0}'.format(
self.args['positional_cidr']))
self.params['CidrBlock'] = self.args['positional_cidr']
if not self.params.get('CidrBlock'):
raise ArgumentError('argument -i/--cidr is required')
def configure(self):
EC2Request.configure(self)
if not self.args.get('Storage.S3.UploadPolicy'):
if not self.args.get('owner_sak'):
raise ArgumentError('argument -w/--owner-sak is required when '
'-c/--policy is not used')
elif not self.args.get('Storage.S3.UploadPolicySignature'):
if not self.args.get('owner_sak'):
raise ArgumentError('argument -w/--owner-sak is required when '
'-s/--policy-signature is not used')
def configure(self):
EC2Request.configure(self)
if not self.args.get('Storage.S3.UploadPolicy'):
if not self.args.get('owner_sak'):
raise ArgumentError('argument -w/--owner-sak is required when '
'-c/--policy is not used')
elif not self.args.get('Storage.S3.UploadPolicySignature'):
if not self.args.get('owner_sak'):
raise ArgumentError('argument -w/--owner-sak is required when '
'-s/--policy-signature is not used')
def configure(self):
EC2Request.configure(self)
if self.args.get('positional_cidr'):
if self.params.get('CidrBlock'):
# Shouldn't be supplied both positionally and optionally
raise ArgumentError('unrecognized arguments: {0}'.format(
self.args['positional_cidr']))
self.params['CidrBlock'] = self.args['positional_cidr']
if not self.params.get('CidrBlock'):
raise ArgumentError('argument -i/--cidr is required')
def configure(self):
EC2Request.configure(self)
if (self.args.get('Attachment.DeleteOnTermination') is not None and
not self.args.get('Attachment.AttachmentId')):
raise ArgumentError('argument --delete-on-termination may only be '
'used with -a/--attachment')
if (self.args.get('Attachment.AttachmentId') and
self.args.get('Attachment.DeleteOnTermination') is None):
raise ArgumentError('argument -a/--attachment also requires '
'--delete-on-termination')
def configure(self):
EC2Request.configure(self)
if self.args.get('positional_interface'):
if self.params.get('NetworkInterfaceId'):
# Shouldn't be supplied both positionally and optionally
raise ArgumentError('unrecognized arguments: {0}'.format(
self.args['positional_interface']))
self.params['NetworkInterfaceId'] = \
self.args['positional_interface']
if not self.params.get('NetworkInterfaceId'):
raise ArgumentError('argument -n/--network-interface is required')
def configure(self):
EC2Request.configure(self)
if self.args.get('positional_interface'):
if self.params.get('NetworkInterfaceId'):
# Shouldn't be supplied both positionally and optionally
raise ArgumentError('unrecognized arguments: {0}'.format(
self.args['positional_interface']))
self.params['NetworkInterfaceId'] = \
self.args['positional_interface']
if not self.params.get('NetworkInterfaceId'):
raise ArgumentError('argument -n/--network-interface is required')
def configure(self):
EC2Request.configure(self)
if self.args.get('all', False):
if self.args.get('ImageId'):
raise ArgumentError('argument -a/--all: not allowed with '
'a list of images')
if self.args.get('ExecutableBy'):
raise ArgumentError('argument -a/--all: not allowed with '
'argument -x/--executable-by')
if self.args.get('Owner'):
raise ArgumentError('argument -a/--all: not allowed with '
'argument -o/--owner')
def configure(self):
EC2Request.configure(self)
if (self.args.get('PublicIp') is not None and
self.args.get('AllocationId') is not None):
# Can't be both EC2 and VPC
raise ArgumentError(
'argument -a/--allocation-id: not allowed with an IP address')
if (self.args.get('PublicIp') is None and
self.args.get('AllocationId') is None):
# ...but we still have to be one of them
raise ArgumentError(
'argument -a/--allocation-id or an IP address is required')
def configure(self):
EC2Request.configure(self)
if self.args.get('PublicIp'):
if self.args.get('AssociationId'):
raise ArgumentError('argument -a/--association-id: not '
'allowed with an IP address')
elif self.args['PublicIp'].startswith('eipassoc'):
raise ArgumentError('VPC elastic IP association IDs must be '
'be specified with -a/--association-id')
elif not self.args.get('AssociationId'):
raise ArgumentError(
'argument -a/--association-id or an IP address is required')
def configure(self):
EC2Request.configure(self)
if self.args.get('all', False):
if self.args.get('ImageId'):
raise ArgumentError('argument -a/--all: not allowed with '
'a list of images')
if self.args.get('ExecutableBy'):
raise ArgumentError('argument -a/--all: not allowed with '
'argument -x/--executable-by')
if self.args.get('Owner'):
raise ArgumentError('argument -a/--all: not allowed with '
'argument -o/--owner')
def configure(self):
EC2Request.configure(self)
if self.args.get('PublicIp'):
if self.args.get('AssociationId'):
raise ArgumentError('argument -a/--association-id: not '
'allowed with an IP address')
elif self.args['PublicIp'].startswith('eipassoc'):
raise ArgumentError('VPC elastic IP association IDs must be '
'be specified with -a/--association-id')
elif not self.args.get('AssociationId'):
raise ArgumentError(
'argument -a/--association-id or an IP address is required')
def configure(self):
EC2Request.configure(self)
if (self.args['group'].startswith('sg-')
and len(self.args['group']) == 11):
# The check could probably be a little better, but meh. Fix if
# needed.
self.params['GroupId'] = self.args['group']
else:
if self.args['egress']:
raise ArgumentError('egress rules must use group IDs, not '
'names')
self.params['GroupName'] = self.args['group']
target_group = self.args.get('target_group')
if target_group is not None:
if target_group.startswith('sg-') and len(target_group) == 11:
# Same note as above
self.params['IpPermissions.1.Groups.1.GroupId'] = target_group
else:
if self.args['egress']:
raise ArgumentError('argument -o: egress rules must use '
'group IDs, not names')
self.params[
'IpPermissions.1.Groups.1.GroupName'] = target_group
protocol = self.args.get('IpPermissions.1.IpProtocol')
if str(protocol).lower() in ('icmp', 'tcp', 'udp', '1', '6', '17'):
from_port, to_port = parse_ports(protocol,
self.args.get('port_range'),
self.args.get('icmp_type_code'))
self.params['IpPermissions.1.FromPort'] = from_port
self.params['IpPermissions.1.ToPort'] = to_port
elif str(protocol).lower() in ('all', '-1'):
self.params['IpPermissions.1.IpProtocol'] = -1
elif not str(protocol).isdigit():
try:
self.params['IpPermissions.1.IpProtocol'] = \
socket.getprotobyname(protocol)
except socket.error:
raise ArgumentError(
'argument -P: no such protocol: {0}'.format(protocol))
if (not self.args.get('IpPermissions.1.IpRanges.1.GroupName')
and not self.args.get('IpPermissions.1.IpRanges.1.CidrIp')):
# Default rule target is the entire Internet
self.params['IpPermissions.1.IpRanges.1.CidrIp'] = '0.0.0.0/0'
if (self.params.get('IpPermissions.1.Groups.1.GroupName')
and not self.args.get('IpPermissions.1.Groups.1.UserId')):
raise ArgumentError('argument -u is required when -o names a '
'security group by name')
def configure(self):
EC2Request.configure(self)
if self.args['group'].startswith('sg-'):
# The check could probably be a little better, but meh. Fix if
# needed.
self.params['GroupId'] = self.args['group']
else:
if self.args['egress']:
raise ArgumentError('egress rules must use group IDs, not '
'names')
self.params['GroupName'] = self.args['group']
target_group = self.args.get('target_group')
if target_group is not None:
if target_group.startswith('sg-'):
# Same note as above
self.params['IpPermissions.1.Groups.1.GroupId'] = target_group
else:
if self.args['egress']:
raise ArgumentError('argument -o: egress rules must use '
'group IDs, not names')
self.params['IpPermissions.1.Groups.1.GroupName'] = \
target_group
protocol = self.args.get('IpPermissions.1.IpProtocol')
if str(protocol).lower() in ('icmp', 'tcp', 'udp', '1', '6', '17'):
from_port, to_port = parse_ports(
protocol, self.args.get('port_range'),
self.args.get('icmp_type_code'))
self.params['IpPermissions.1.FromPort'] = from_port
self.params['IpPermissions.1.ToPort'] = to_port
elif str(protocol).lower() in ('all', '-1'):
self.params['IpPermissions.1.IpProtocol'] = -1
elif not str(protocol).isdigit():
try:
self.params['IpPermissions.1.IpProtocol'] = \
socket.getprotobyname(protocol)
except socket.error:
raise ArgumentError('argument -P: no such protocol: {0}'
.format(protocol))
if (not self.args.get('IpPermissions.1.IpRanges.1.GroupName') and
not self.args.get('IpPermissions.1.IpRanges.1.CidrIp')):
# Default rule target is the entire Internet
self.params['IpPermissions.1.IpRanges.1.CidrIp'] = '0.0.0.0/0'
if (self.params.get('IpPermissions.1.Groups.1.GroupName') and
not self.args.get('IpPermissions.1.Groups.1.UserId')):
raise ArgumentError('argument -u is required when -o names a '
'security group by name')
def configure(self):
EC2Request.configure(self)
if (self.args.get('PublicIp') is not None
and self.args.get('AllocationId') is not None):
# Can't be both EC2 and VPC
raise ArgumentError(
'argument -a/--allocation-id: not allowed with an IP address')
if (self.args.get('PublicIp') is None
and self.args.get('AllocationId') is None):
# ...but we still have to be one of them
raise ArgumentError(
'argument -a/--allocation-id or an IP address is required')
if (self.args.get('PublicIp') or '').startswith('eipalloc-'):
# Make allocation IDs work positionally for convenience
self.params['AllocationId'] = self.params.pop('PublicIp')
def configure(self):
EC2Request.configure(self)
if (self.args.get('PublicIp') is not None and
self.args.get('AllocationId') is not None):
# Can't be both EC2 and VPC
raise ArgumentError(
'argument -a/--allocation-id: not allowed with an IP address')
if (self.args.get('PublicIp') is None and
self.args.get('AllocationId') is None):
# ...but we still have to be one of them
raise ArgumentError(
'argument -a/--allocation-id or an IP address is required')
if (self.args.get('PublicIp') or '').startswith('eipalloc-'):
# Make allocation IDs work positionally for convenience
self.params['AllocationId'] = self.params.pop('PublicIp')
def configure(self):
EC2Request.configure(self)
if (self.args['group'].startswith('sg-')
and len(self.args['group']) == 11):
# The check could probably be a little better, but meh. Fix if
# needed.
self.params['GroupId'] = self.args['group']
else:
if self.args['egress']:
raise ArgumentError('egress rules must use group IDs, not '
'names')
self.params['GroupName'] = self.args['group']
target_group = self.args.get('target_group')
if target_group is not None:
if target_group.startswith('sg-') and len(target_group) == 11:
# Same note as above
self.params['IpPermissions.1.Groups.1.GroupId'] = target_group
else:
if self.args['egress']:
raise ArgumentError('argument -o: egress rules must use '
'group IDs, not names')
self.params[
'IpPermissions.1.Groups.1.GroupName'] = target_group
from_port, to_port = parse_ports(
self.args.get('IpPermissions.1.IpProtocol'),
self.args.get('port_range'), self.args.get('icmp_type_code'))
self.params['IpPermissions.1.FromPort'] = from_port
self.params['IpPermissions.1.ToPort'] = to_port
if (not self.args.get('IpPermissions.1.IpRanges.1.GroupName')
and not self.args.get('IpPermissions.1.IpRanges.1.CidrIp')):
# Default rule target is the entire Internet
self.params['IpPermissions.1.IpRanges.1.CidrIp'] = '0.0.0.0/0'
if (self.params.get('IpPermissions.1.Groups.1.GroupName')
and not self.args.get('IpPermissions.1.Groups.1.UserId')):
raise ArgumentError('argument -u is required when -o names a '
'security group by name')
def configure(self):
EC2Request.configure(self)
self.configure_s3_access()
if self.params["DiskImage.1.Image.Format"].upper() in ("VMDK", "VHD", "RAW"):
self.params["DiskImage.1.Image.Format"] = self.params["DiskImage.1.Image.Format"].upper()
if not self.params.get("DiskImage.1.Image.Bytes"):
if self.params["DiskImage.1.Image.Format"] == "RAW":
image_size = euca2ools.util.get_filesize(self.args["source"])
self.params["DiskImage.1.Image.Bytes"] = image_size
else:
raise ArgumentError(
"argument --image-size is required for {0} files".format(self.params["DiskImage.1.Image.Format"])
)
if not self.params.get("DiskImage.1.Volume.Size"):
vol_size = math.ceil(self.params["DiskImage.1.Image.Bytes"] / 2 ** 30)
self.params["DiskImage.1.Volume.Size"] = int(vol_size)
if not self.args.get("expires"):
self.args["expires"] = 30
if self.args["expires"] < 1:
raise ArgumentError("argument -x/--expires: value must be positive")
def configure(self):
EC2Request.configure(self)
if (self.args['group'].startswith('sg-') and
len(self.args['group']) == 11):
# The check could probably be a little better, but meh. Fix if
# needed.
self.params['GroupId'] = self.args['group']
else:
if self.args['egress']:
raise ArgumentError('egress rules must use group IDs, not '
'names')
self.params['GroupName'] = self.args['group']
target_group = self.args.get('target_group')
if (target_group is not None and target_group.startswith('sg-') and
len(target_group) == 11):
# Same note as above
self.params['IpPermissions.1.Groups.1.GroupId'] = target_group
else:
if self.args['egress']:
raise ArgumentError('argument -o: egress rules must use group '
'IDs, not names')
self.params['IpPermissions.1.Groups.1.GroupName'] = target_group
from_port, to_port = parse_ports(
self.args.get('IpPermissions.1.IpProtocol'),
self.args.get('port_range'), self.args.get('icmp_type_code'))
self.params['IpPermissions.1.FromPort'] = from_port
self.params['IpPermissions.1.ToPort'] = to_port
if (not self.args.get('IpPermissions.1.IpRanges.1.GroupName') and
not self.args.get('IpPermissions.1.IpRanges.1.CidrIp')):
# Default rule target is the entire Internet
self.params['IpPermissions.1.IpRanges.1.CidrIp'] = '0.0.0.0/0'
if (self.params.get('IpPermissions.1.Groups.1.GroupName') and
not self.args.get('IpPermissions.1.Groups.1.UserId')):
raise ArgumentError('argument -u is required when -o names a '
'security group by name')
def configure(self):
EC2Request.configure(self)
if not self.params.get('Egress'):
self.params['Egress'] = False
proto = self.args.get('Protocol') or -1
try:
self.params['Protocol'] = int(proto)
except ValueError:
if proto.lower() == 'all':
self.params['Protocol'] = -1
else:
try:
self.params['Protocol'] = socket.getprotobyname(proto)
except socket.error:
raise ArgumentError('argument -n/--rule-number: unknown '
'protocol "{0}"'.format(proto))
from_port, to_port = parse_ports(proto, self.args.get('port_range'),
self.args.get('icmp_type_code'))
if self.params['Protocol'] == 1: # ICMP
self.params['Icmp.Type'] = from_port
self.params['Icmp.Code'] = to_port
else:
self.params['PortRange.From'] = from_port
self.params['PortRange.To'] = to_port
def configure(self):
EC2Request.configure(self)
if not self.params.get('Egress'):
self.params['Egress'] = False
proto = self.args.get('Protocol') or -1
try:
self.params['Protocol'] = int(proto)
except ValueError:
if proto.lower() == 'all':
self.params['Protocol'] = -1
else:
try:
self.params['Protocol'] = socket.getprotobyname(proto)
except socket.error:
raise ArgumentError('argument -n/--rule-number: unknown '
'protocol "{0}"'.format(proto))
from_port, to_port = parse_ports(proto, self.args.get('port_range'),
self.args.get('icmp_type_code'))
if self.params['Protocol'] == 1: # ICMP
self.params['Icmp.Type'] = from_port
self.params['Icmp.Code'] = to_port
else:
self.params['PortRange.From'] = from_port
self.params['PortRange.To'] = to_port
def configure(self):
EC2Request.configure(self)
if self.args.get('by_zone', False):
self.params['Availability'] = True
def configure(self):
EC2Request.configure(self)
if self.args.get('by_zone', False):
self.params['Availability'] = True
def configure(self):
EC2Request.configure(self)
if (self.args['group'].startswith('sg-') and
len(self.args['group']) == 11):
# The check could probably be a little better, but meh. Fix if
# needed.
self.params['GroupId'] = self.args['group']
else:
if self.args['egress']:
raise ArgumentError('egress rules must use group IDs, not '
'names')
self.params['GroupName'] = self.args['group']
target_group = self.args.get('target_group')
if (target_group is not None and target_group.startswith('sg-') and
len(target_group) == 11):
# Same note as above
self.params['IpPermissions.1.Groups.1.GroupId'] = target_group
else:
if self.args['egress']:
raise ArgumentError('argument -o: egress rules must use group '
'IDs, not names')
self.params['IpPermissions.1.Groups.1.GroupName'] = target_group
protocol = self.args.get('IpPermissions.1.IpProtocol')
if protocol in ['icmp', '1']:
if self.args.get('port_range'):
raise ArgumentError('argument -p/--port-range: not compatible '
'with protocol ' + protocol)
if not self.args.get('icmp_type_code'):
self.args['icmp_type_code'] = '-1:-1'
types = self.args['icmp_type_code'].split(':')
if len(types) == 2:
try:
from_port = int(types[0])
to_port = int(types[1])
except ValueError:
raise ArgumentError('argument -t/--icmp-type-code: value '
'must have format "1:2"')
else:
raise ArgumentError('argument -t/--icmp-type-code: value must '
'have format "1:2"')
if from_port < -1 or to_port < -1:
raise ArgumentError('argument -t/--icmp-type-code: type, code '
'must be at least -1')
elif protocol in ['tcp', 'udp', '6', '17']:
if self.args.get('icmp_type_code'):
raise ArgumentError('argument -t/--icmp-type-code: not '
'compatible with protocol ' + protocol)
if not self.args.get('port_range'):
raise ArgumentError('argument -p/--port-range is required for '
'protocol ' + protocol)
if ':' in self.args['port_range']:
# Be extra helpful in the event of this common typo
raise ArgumentError('argument -p/--port-range: multi-port '
'range must be separated by "-", not ":"')
from_port, to_port = _get_port_range(self.args['port_range'],
protocol)
if from_port < -1 or to_port < -1:
raise ArgumentError('argument -p/--port-range: port number(s) '
'must be at least -1')
if from_port == -1:
from_port = 1
if to_port == -1:
to_port = 65535
else:
# Shouldn't get here since argparse should only allow the values we
# handle
raise ValueError('unrecognized protocol: "{0}"'.format(protocol))
self.params['IpPermissions.1.FromPort'] = from_port
self.params['IpPermissions.1.ToPort'] = to_port
if (not self.args.get('IpPermissions.1.IpRanges.1.GroupName') and
not self.args.get('IpPermissions.1.IpRanges.1.CidrIp')):
# Default rule target is the entire Internet
self.params['IpPermissions.1.IpRanges.1.CidrIp'] = '0.0.0.0/0'
if (self.params.get('IpPermissions.1.Groups.1.GroupName') and
not self.args.get('IpPermissions.1.Groups.1.UserId')):
raise ArgumentError('argument -u is required when -o names a '
'security group by name')
def configure(self):
EC2Request.configure(self)
if (self.args['group'].startswith('sg-')
and len(self.args['group']) == 11):
# The check could probably be a little better, but meh. Fix if
# needed.
self.params['GroupId'] = self.args['group']
else:
if self.args['egress']:
raise ArgumentError('egress rules must use group IDs, not '
'names')
self.params['GroupName'] = self.args['group']
target_group = self.args.get('target_group')
if (target_group is not None and target_group.startswith('sg-')
and len(target_group) == 11):
# Same note as above
self.params['IpPermissions.1.Groups.1.GroupId'] = target_group
else:
if self.args['egress']:
raise ArgumentError('argument -o: egress rules must use group '
'IDs, not names')
self.params['IpPermissions.1.Groups.1.GroupName'] = target_group
protocol = self.args.get('IpPermissions.1.IpProtocol')
if protocol in ['icmp', '1']:
if self.args.get('port_range'):
raise ArgumentError('argument -p/--port-range: not compatible '
'with protocol ' + protocol)
if not self.args.get('icmp_type_code'):
self.args['icmp_type_code'] = '-1:-1'
types = self.args['icmp_type_code'].split(':')
if len(types) == 2:
try:
from_port = int(types[0])
to_port = int(types[1])
except ValueError:
raise ArgumentError('argument -t/--icmp-type-code: value '
'must have format "1:2"')
else:
raise ArgumentError('argument -t/--icmp-type-code: value must '
'have format "1:2"')
if from_port < -1 or to_port < -1:
raise ArgumentError('argument -t/--icmp-type-code: type, code '
'must be at least -1')
elif protocol in ['tcp', 'udp', '6', '17']:
if self.args.get('icmp_type_code'):
raise ArgumentError('argument -t/--icmp-type-code: not '
'compatible with protocol ' + protocol)
if not self.args.get('port_range'):
raise ArgumentError('argument -p/--port-range is required for '
'protocol ' + protocol)
if ':' in self.args['port_range']:
# Be extra helpful in the event of this common typo
raise ArgumentError('argument -p/--port-range: multi-port '
'range must be separated by "-", not ":"')
from_port, to_port = _get_port_range(self.args['port_range'],
protocol)
if from_port < -1 or to_port < -1:
raise ArgumentError('argument -p/--port-range: port number(s) '
'must be at least -1')
if from_port == -1:
from_port = 1
if to_port == -1:
to_port = 65535
else:
# Shouldn't get here since argparse should only allow the values we
# handle
raise ValueError('unrecognized protocol: "{0}"'.format(protocol))
self.params['IpPermissions.1.FromPort'] = from_port
self.params['IpPermissions.1.ToPort'] = to_port
if (not self.args.get('IpPermissions.1.IpRanges.1.GroupName')
and not self.args.get('IpPermissions.1.IpRanges.1.CidrIp')):
# Default rule target is the entire Internet
self.params['IpPermissions.1.IpRanges.1.CidrIp'] = '0.0.0.0/0'
if (self.params.get('IpPermissions.1.Groups.1.GroupName')
and not self.args.get('IpPermissions.1.Groups.1.UserId')):
raise ArgumentError('argument -u is required when -o names a '
'security group by name')
def configure(self):
EC2Request.configure(self)
self.configure_s3_access()
if self.args.get('ignore_active_task') and not self.args.get('task'):
raise ArgumentError('argument --ignore-active-task my only be '
'used with -t/--task')
def configure(self):
EC2Request.configure(self)
self.configure_s3_access()
if self.args.get("ignore_active_task") and not self.args.get("task"):
raise ArgumentError("argument --ignore-active-task my only be " "used with -t/--task")
