Question

以下代码在sec group中查找0.0.0.0/0并在slack上打印。

def getTag(connection, instanceId):
    reservations=connection.get_all_instances(filters={'instance_id':instanceId})
    for res in reservations:
      for instance in res.instances:
        if instance.state == "running":
           return instance.tags['Name'],instance.private_ip_address,instance.region
        else:
           return None

#regions = ['us-east-1','us-west-1','us-west-2','eu-west-1','sa-east-1','ap-southeast-1','ap-southeast-2','ap-northeast-1']
#regions = ['us-west-2','eu-central-1','ap-southeast-1']  ##Prod VPC
regions = ['us-west-2']
data = []
header = ["Port","Open For","Security group","Instance Details"]

for region in regions:
    connection=ec2.connect_to_region(region)
    sg = connection.get_all_security_groups()
    try:
        for securityGroup in sg:
           for rule in securityGroup.rules:
               if '0.0.0.0/0' in str(rule.grants):
                  for instanceid in securityGroup.instances():
                      instanceId=str(instanceid)
                     # print instanceId
                      tag = getTag(connection, instanceId.split(':')[1])
                      if tag is not None:
                        # print tab              
                         tab =[str(rule.to_port),"0.0.0.0/0",str(securityGroup.name),str(getTag(connection, instanceId.split(':')[1]))]
                         data.append(tab)
    except Exception,e:
        pass

print tabulate(data, headers=header, tablefmt='simple')
cool_stuff = tabulate(data, headers=header, tablefmt='simple')
slack.chat.post_message('#scanbot','```'+cool_stuff+'```',username='AWS_security_group_scanner')

问题是，这打印：

 Port  Open For    Security group                     Instance Details
------  ----------  ---------------------------------  ----------------------------------------------------------------------------------
  1433  0.0.0.0/0   default                            (u'ABCcorp', u'10.17.9.22', RegionInfo:us-west-2)
    80  0.0.0.0/0   pdx01-ms-dev-elbs                  (u'dev-lb05', u'10.17.5.249', RegionInfo:us-west-2)
    80  0.0.0.0/0   pdx01-ms-dev-elbs                  (u'dev-sdl-lb02', u'10.17.5.63', RegionInfo:us-west-2)
    80  0.0.0.0/0   pdx01-ms-dev-elbs                  (u'lbCasio', u'10.17.5.11', RegionInfo:us-west-2)
    80  0.0.0.0/0   pdx01-ms-dev-elbs                  (u'lb01', u'10.17.4.196', RegionInfo:us-west-2)
    80  0.0.0.0/0   pdx01-ms-dev-elbs                  (u'lb01', u'10.17.5.133', RegionInfo:us-west-2)
    80  0.0.0.0/0   pdx01-ms-dev-elbs                  (u'gehc-lb01', u'10.17.5.222', RegionInfo:us-west-2)
   443  0.0.0.0/0   pdx01-ms-dev-elbs                  (u'lb05', u'10.17.5.249', RegionInfo:us-west-2)

我想摆脱＆＃39; u＆＃39;因为他们正在搞乱这些松散的东西。有人能帮助我吗？

Answer 1

希望这有效

import unicodedata
for region in regions:
    connection=ec2.connect_to_region(region)
    sg = connection.get_all_security_groups()
    try:
        for securityGroup in sg:
           for rule in securityGroup.rules:
               if '0.0.0.0/0' in str(rule.grants):
                  for instanceid in securityGroup.instances():
                      instanceId=str(instanceid)
                     # print instanceId
                      tag = getTag(connection, instanceId.split(':')[1])
                      if tag is not None:
                        # print tab              
                         tab =[str(rule.to_port),"0.0.0.0/0",str(securityGroup.name),unicodedata.normalize('NFKD', getTag(connection, instanceId.split(':')[1])).encode('ascii','ignore')]
                         data.append(tab)
    except Exception,e:
        pass

Answer 2

更改此

tab  = [str(rule.to_port), "0.0.0.0/0", str(securityGroup.name), str(getTag(connection, instanceId.split(':')[1]))]

到

tab  = [str(rule.to_port), "0.0.0.0/0", str(securityGroup.name), tuple(list(i.encode('UTF8') for i in getTag(connection, instanceId.split(':')[1])[0:2] ) + [getTag(connection, instanceId.split(':')[1])[2]] )]

如何摆脱unicode＆＃39; u＆＃39;从输出？蟒蛇

2 个答案: