- # -*- coding: utf-8 -*-
- import boto3
- import yaml
- from botocore.exceptions import ClientError
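def main(data):
    """Collect the IPv4 source CIDRs allowed in front of one config entry.

    ``data`` is one mapping from the config file. The keys read here are
    ``CLB_Name``, ``ALB_Name`` and ``TargetGroup_Name``. Load balancer names
    are matched by substring, so a short name can select several load
    balancers, and every match contributes its security groups.

    Security groups are gathered from the matching load balancers and from
    the targets registered behind them. The ``CidrIp`` of every inbound rule
    is collected and ``0.0.0.0/0`` is dropped from the result.

    Returns a ``(cidrs, messages)`` tuple. ``cidrs`` is a set of CIDR strings,
    or a fixed placeholder string when nothing other than ``0.0.0.0/0`` was
    found. ``messages`` holds one status line per load balancer name that was
    looked up.

    Raises:
        ClientError: for any AWS API error other than a missing target group,
            so a permission or throttling failure is not mistaken for an
            empty result.

    NOTE(review): the listing this was recovered from had lost its
    indentation; the two "found / not found" branches are read as running
    once after each load balancer scan - confirm against the original file.
    """
    ec2_id_list = []
    sgid_list = []
    output_text_list = []

    ec2_resource = boto3.resource('ec2')
    ec2_client = boto3.client('ec2')
    alb_client = boto3.client('elbv2')
    clb_client = boto3.client('elb')

    clb_name = data.get('CLB_Name')
    if clb_name is not None:
        # An explicit flag replaces the former "'x' in locals()" probe, which
        # reported a matching CLB with no registered instances as missing.
        clb_found = False
        # Paginate so load balancers beyond the first page are not skipped.
        pages = clb_client.get_paginator('describe_load_balancers').paginate()
        for page in pages:
            for clb in page['LoadBalancerDescriptions']:
                if clb_name not in clb['LoadBalancerName']:
                    continue
                clb_found = True
                # Extend rather than assign: several CLBs can match, and the
                # groups of an earlier match must not be discarded.
                sgid_list.extend(clb['SecurityGroups'])
                ec2_id_list.extend(i.get('InstanceId') for i in clb['Instances'])
        prefix = 'CLB_Name:' if clb_found else '存在しないCLB_Name:'
        output_text_list.append(prefix + clb_name)

    alb_name = data.get('ALB_Name')
    if alb_name is not None:
        alb_found = False
        config_ok = True
        pages = alb_client.get_paginator('describe_load_balancers').paginate()
        for alb in (lb for page in pages for lb in page['LoadBalancers']):
            if alb_name not in alb['LoadBalancerName']:
                continue
            alb_found = True
            # Load balancers without security groups have no such key;
            # do not push None into the lookup list.
            sgid_list.extend(alb.get('SecurityGroups') or [])
            if 'TargetGroup_Name' not in data:
                # Config error: report it, stop scanning, emit no status line.
                print('!!ALB!!:' + alb_name)
                config_ok = False
                break
            try:
                described = alb_client.describe_target_groups(
                    Names=[data['TargetGroup_Name']]
                )
                for group in described['TargetGroups']:
                    health = alb_client.describe_target_health(
                        TargetGroupArn=group['TargetGroupArn']
                    )
                    # NOTE(review): for target groups of type ip or lambda the
                    # Id is not an EC2 instance ID and the instance lookup
                    # below will fail - confirm only instance targets occur.
                    ec2_id_list.extend(
                        t['Target'].get('Id')
                        for t in health['TargetHealthDescriptions']
                    )
            except ClientError as e:
                if e.response['Error']['Code'] != 'TargetGroupNotFound':
                    # Access-denied, throttling, etc. must not be swallowed:
                    # that would make an incomplete audit look clean.
                    raise
                print('!!!!:' + data.get('TargetGroup_Name'))
        if config_ok:
            # Existence of the ALB is reported independently of whether its
            # target group could be resolved.
            prefix = 'ALB_Name:' if alb_found else '存在しないALB_Name:'
            output_text_list.append(prefix + alb_name)

    # De-duplicate (keeping order) so each instance and group is queried once.
    for instance_id in dict.fromkeys(ec2_id_list):
        described = ec2_client.describe_instances(InstanceIds=[instance_id])
        for reservation in described['Reservations']:
            for instance in reservation['Instances']:
                sgid_list.extend(
                    g.get('GroupId') for g in instance['SecurityGroups']
                )

    # Only IPv4 IpRanges of inbound rules are inspected. IPv6 ranges
    # (including ::/0), prefix lists and security-group references are not
    # reported, so an empty result does not prove the groups are closed.
    uniq_iplist = set()
    for sgid in dict.fromkeys(sgid_list):
        security_group = ec2_resource.SecurityGroup(sgid)
        for permission in security_group.ip_permissions:
            uniq_iplist.update(r.get('CidrIp') for r in permission['IpRanges'])

    uniq_iplist.discard('0.0.0.0/0')
    if not uniq_iplist:
        # Placeholder text reproduced exactly as it appears in the listing.
        uniq_iplist = 'jj、または0.0.0.0/0jj'
    return uniq_iplist, output_text_list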
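if __name__ == '__main__':
    # Each top-level item of lb_config.yml is one mapping handed to main().
    # The encoding is pinned so non-ASCII names decode the same on every
    # platform instead of depending on the locale default.
    with open('lb_config.yml', 'r', encoding='utf-8') as yml:
        # safe_load constructs only plain YAML types, never arbitrary objects.
        config = yaml.safe_load(yml)
    # An empty file loads as None; treat it as "no entries" instead of failing.
    for data in config or []:
        print('----------')
        iplist, output_text_list = main(data)
        print(' , '.join(output_text_list))
        print(iplist)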