Question

import boto.ec2

sgs = boto.ec2.connect_to_region('us-east-1').get_all_security_groups()

for sg in sgs:
    for rule in sg.rules:
        print sg, sg.id, "inbound:", rule, " source:", rule.grants

SecurityGroup:default sg-e1304484 inbound: IPPermissions:tcp(80-80)  source: [67.184.225.222/32]
SecurityGroup:default sg-e1304484 inbound: IPPermissions:tcp(5500-5500)  source: [67.184.225.222/32]
SecurityGroup:Pub_HDP_SG sg-e632d982 inbound: IPPermissions:tcp(80-80)  source: [0.0.0.0/0]
SecurityGroup:sg3-MySecurityGroup-LB0QF9UQAOEF sg-4fe73728 inbound: IPPermissions:tcp(22-22)  source: [0.0.0.0/0]
SecurityGroup:sg3-MySecurityGroup-LB0QF9UQAOEF sg-4fe73728 inbound: IPPermissions:tcp(80-80)  source: [0.0.0.0/0]
SecurityGroup:RDP Rule - open everyone  sg-42d58d27 inbound: IPPermissions:-1(None-None)  source: [0.0.0.0/0]
SecurityGroup:us-east-open-all sg-97ffa7f2 inbound: IPPermissions:tcp(22-22)  source: [10.0.20.100/32]
SecurityGroup:us-east-open-all sg-97ffa7f2 inbound: IPPermissions:tcp(53-53)  source: [10.0.20.100/32]
SecurityGroup:wordpress-app-SG sg-99c4befc inbound: IPPermissions:-1(None-None)  source: [sg-e632d982-995635159130]
SecurityGroup:wordpress-app-SG sg-99c4befc inbound: IPPermissions:tcp(22-22)  source: [67.184.225.222/32]
SecurityGroup:wordpress-app-SG sg-99c4befc inbound: IPPermissions:tcp(1024-65535)  source: [10.0.20.100/32]
SecurityGroup:wordpress-app-SG sg-99c4befc inbound: IPPermissions:tcp(80-80)  source: [24.12.30.198/32]
SecurityGroup:wordpress-app-SG sg-99c4befc inbound: IPPermissions:udp(138-138)  source: [10.0.20.100/32]
SecurityGroup:wordpress-app-SG sg-99c4befc inbound: IPPermissions:udp(53-53)  source: [24.12.30.198/32]
SecurityGroup:wordpress-app-SG sg-99c4befc inbound: IPPermissions:tcp(30015-30015)  source: [0.0.0.0/0]
SecurityGroup:wordpress-app-SG sg-99c4befc inbound: IPPermissions:icmp(-1--1)  source: [10.0.20.100/32]
SecurityGroup:default sg-c65a20a3 inbound: IPPermissions:-1(None-None)  source: [sg-c65a20a3-995635159130]
SecurityGroup:default sg-c65a20a3 inbound: IPPermissions:-1(None-None)  source: [sg-99c4befc-995635159130]
SecurityGroup:sg3-MySecurityGroup2-1HGPN4UF57XN6 sg-4ee73729 inbound: IPPermissions:tcp(22-22)  source: [192.168.1.12/32]
SecurityGroup:AWS-AMI-SG sg-35568d51 inbound: IPPermissions:tcp(22-22)  source: [0.0.0.0/0]
SecurityGroup:launch-wizard-2 sg-932255f6 inbound: IPPermissions:tcp(22-22)  source: [10.0.20.100/32]
SecurityGroup:launch-wizard-2 sg-932255f6 inbound: IPPermissions:tcp(443-443)  source: [0.0.0.0/0]
>>>

大家好，

对于每个SecurityGroup，如何将其转换为List，而List又具有cidr块，协议类型和端口的字典...因此，从上面的输出，SecurityGroup调用＆＃34;默认＆＃34 ;有2条规则......允许80和5500的TCP端口到源IP，然后SecurityGroup调用＆＃34; Pub_HDP_SG＆＃34;只有一条规则......等等......这里是我想以列表的形式出来的输出....

我打算做的是，获取列表（和嵌套字典）并将其传递给一个函数，该函数将使用对流层（例如＆＃34; http://imil.net/wp/2015/06/04/rock-your-cloudformation-with-troposphere-and-boto/＆＃34 ;）

rule1 = [{
    'cidr': '67.184.225.222/32',
    'proto': 'tcp',
    'port': 80
},{
    'cidr': '67.184.225.222/32',
    'proto': 'tcp',
    'port': 5500
}]

rule2 = [{
    'cidr': '[0.0.0.0/0',
    'proto': 'tcp',
    'port': 80
}]

rule3 = [{
    'cidr': '0.0.0.0/0',
    'proto': 'tcp',
    'port': 22
},{
    'cidr': '0.0.0.0/0',
    'proto': 'tcp',
    'port': 80
}]

Answer 1

get_all_security_groups()返回一个对象列表。并且每个对象包含其他对象，因此您需要首先了解heiracrvhy。然后，一旦你得到了这个，你就可以遍历结果并构建一个字典。

例如：

[
  {
     'cidr': x.rules[0].grants[0], 
     'proto': x.rules[0].ip_protocol
     # so on ....
  } for x in sgs if x.rules
]

将输出转换为列表（和嵌套字典）

1 个答案: