def create_snapshot(volume_id, region_name='us-east-1'):
console = setup_re_ec2(region_name='us-east-1')
console.create_snapshot(
Description='my snapshot',
VolumeId=volume_id,
)
print("Snapshot created...")
def list_snapshots(region_name='us-east-1'):
console = setup_re_ec2(region_name=region_name)
for each_snapshot in console.snapshots.filter(OwnerIds=['261635990162']):
#pprint(dir(each_snapshot))
print(
f"Owner ID: {each_snapshot.owner_id} | Snapshot ID: {each_snapshot.snapshot_id} | "
f"State: {each_snapshot.state} | Tag: {each_snapshot.tags} | Description: {each_snapshot.description}"
)
def list_volumes(region_name='us-east-1'):
volumes = setup_re_ec2(region_name=region_name).volumes.filter()
for each_volume in volumes:
print(
f"Volume ID: {each_volume.volume_id} | Volume Type: {each_volume.volume_type} | "
f"Volume State: {each_volume.state} | Volume Size : {each_volume.size} GB| "
f"Volume Tag: {each_volume.tags} | AZ: {each_volume.availability_zone}"
)
def revoke_sg_violated_ingress_rule(self, sg_id, from_port, to_port,
ip_protocol):
security_group = setup_re_ec2(self.profile_name).SecurityGroup(sg_id)
response = security_group.revoke_ingress(CidrIp='0.0.0.0/0',
FromPort=from_port,
IpProtocol=ip_protocol,
ToPort=to_port)
pprint(response)
print("rule revoked")
def testsg(self):
security_groups = setup_re_ec2(self.profile_name).security_groups.all()
for each_sg in security_groups:
print(each_sg.group_id, each_sg.id)
for iprule in each_sg.ip_permissions:
pprint(iprule)
break
print(iprule.get('FromPort'))
for ip in iprule.get('IpRanges'):
print(ip.get('CidrIp'))
print("===================")
def create_ec2_from_launch_template(lauch_template_id,
instance_count_to_create,
region_name='us-east-1'):
instance = setup_re_ec2(region_name=region_name).create_instances(
MaxCount=instance_count_to_create,
MinCount=1,
LaunchTemplate={
'LaunchTemplateId': lauch_template_id,
'Version': '1',
},
)
pprint(instance)
def sg_violation(self):
security_groups = setup_re_ec2(self.profile_name).security_groups.all()
violation_list = []
for each_sg in security_groups:
for iprule in each_sg.ip_permissions:
#print(type(iprule.get('FromPort')))
for ip in iprule.get('IpRanges'):
if ip.get('CidrIp') == '0.0.0.0/0':
if iprule.get('FromPort') == 22 or iprule.get(
'FromPort') == 80:
dict = {}
dict['group_name'] = each_sg.group_name
dict['group_id'] = each_sg.group_id
dict['FromPort'] = iprule.get('FromPort')
dict['ToPort'] = iprule.get('ToPort')
dict['IpProtocol'] = iprule.get('IpProtocol')
dict['CidrIp'] = ip.get('CidrIp')
# print(each_sg.group_name, each_sg.group_id, iprule.get('FromPort'), ip.get('CidrIp'),
# iprule.get('ToPort'),iprule.get('IpProtocol'))
violation_list.append(dict)
return violation_list
def create_volume(az, volume_type, size_in_gb, region_name='us-east-1'):
#console=setup_re()
setup_re_ec2(region_name=region_name).create_volume(AvailabilityZone=az,
Size=size_in_gb,
VolumeType=volume_type)