def modify_sg_policy(sg_id, accesskey_id, accesskey_secret, region_id): while True: print("Now, we will modify safe group ingress policy...") print("First, we need to REVOKE the policy...") ip_protocal = raw_input("Please select protocal:") port_range = raw_input("Please select port range:") source_cidr = raw_input("Please select source CiDr block:") clt = client.AcsClient(accesskey_id, accesskey_secret, region_id) request = RevokeSecurityGroupRequest.RevokeSecurityGroupRequest() request.set_accept_format('json') request.set_SecurityGroupId(sg_id) request.set_IpProtocol(ip_protocal) request.set_PortRange(port_range) request.set_SourceCidrIp(source_cidr) result = clt.do_action_with_exception(request) print result print("Do you want to create a new policy?") selection = upper(raw_input("Y/N:")) if selection == "Y": create_sg_policy(sg_id, accesskey_id, accesskey_secret, region_id) print("Do you want to modify another safe group policy?") choice = upper(raw_input("Y/N:")) if choice == "N": break return
def revokeIngress(groupId, permission): requestRevoke = RevokeSecurityGroupRequest.RevokeSecurityGroupRequest() requestRevoke.set_SecurityGroupId(groupId) requestRevoke.set_SourceCidrIp(permission['SourceCidrIp']) requestRevoke.set_IpProtocol(permission['IpProtocol']) requestRevoke.set_PortRange(permission['PortRange']) responseRevoke = client.do_action_with_exception(requestRevoke) return json.loads(responseRevoke)
def revokeSecurityGroupRequest(self,SecurityGroupID,IpProtocol,PortRange,SourceCidrIp,Priority): '''撤销安全组内规则''' request = RevokeSecurityGroupRequest.RevokeSecurityGroupRequest() request.set_SecurityGroupId(SecurityGroupID) request.add_query_param('RegionId', 'cn-shenzhen') #需改为华东1(cn-hangzhou request.set_IpProtocol(IpProtocol) request.set_PortRange(PortRange) request.set_SourceCidrIp(SourceCidrIp) request.set_Priority(Priority) request.set_accept_format('json') return request
def deloldRULE(func): global clt # 设置参数 for port in ['3000/3000','34872/34872']: request = RevokeSecurityGroupRequest.RevokeSecurityGroupRequest() request.set_accept_format('json') request.add_query_param('RegionId', 'cn-hangzhou') request.add_query_param('SecurityGroupId', '目标安全组ID') request.add_query_param('IpProtocol', 'tcp') request.add_query_param('PortRange', port) request.add_query_param('SourceCidrIp', func()) request.add_query_param('NicType', 'intranet') #如果不加这句话就是公网删除 # 发起请求 response = clt.do_action(request) print (response)
def revokeSecurityGroupRequest(self, SecurityGroupId, IpProtocol, PortRange, NicType='internet', Policy='accept', Priority='1'): '''删除一条安全组入方向规则 ''' request = RevokeSecurityGroupRequest.RevokeSecurityGroupRequest() request.set_SecurityGroupId(SecurityGroupId) request.set_NicType(NicType) request.set_IpProtocol(IpProtocol) request.set_PortRange(PortRange) request.set_Policy(Policy) request.set_Priority(Priority) request.set_accept_format('json') return request