def decorated(*args, **kwargs):
ec2 = boto.ec2.connect_to_region(boto_region, aws_access_key_id=aws_access, aws_secret_access_key=aws_secret)
ec2.set_request_hook(PyLogReqLogger())
kwargs['ec2'] = ec2
return f(*args, **kwargs)
import argparse
import logging
import time
from util import _revoke, getorraise, PyLogReqLogger, GRANT_KEY_FORMULA
import redis
import boto.ec2
aws_access = getorraise('AWS_ACCESS_KEY', 'AWS access key')
aws_secret = getorraise('AWS_SECRET_KEY', 'AWS secret key')
boto_region = getorraise('AWS_REGION', 'AWS region')
redis_url = getorraise('REDIS_URL', 'Redis URL')
rds = redis.from_url(redis_url)
ec2 = boto.ec2.connect_to_region(boto_region, aws_access_key_id=aws_access, aws_secret_access_key=aws_secret)
ec2.set_request_hook(PyLogReqLogger())
parser = argparse.ArgumentParser(description='Revoke old security group rules')
parser.add_argument('--dry', dest='dry', action='store_true', help='Dry run: don\'t actually remove security group rules that have expired')
args = parser.parse_args()
if __name__ == "__main__":
logger = logging.getLogger()
logger.setLevel(logging.INFO)
logger.addHandler(logging.StreamHandler())
security_groups = ec2.get_all_security_groups()
for security_group in security_groups:
for rule in security_group.rules:
grants_with_cidrs = []
