IcsSecurityGroup Common Library

IcsSecurityGroup: Library for AWS Security group

This is the IcsSecurityGroup common library.
class opslib.icssgroup.IcsSGroup(region, **kwargs)[source]

Library for AWS Security group

__init__(region, **kwargs)[source]

add_egress_rules(group_id, ip_protocol, from_port=None, to_port=None, cidr_ip=None, des_group_id=None)[source]

The action adds one or more egress rules to a VPC security group

Parameters:
  • group_id (str) – ID of the VPC security group to modify
  • ip_protocol (string) – Either tcp | udp | icmp
  • from_port (int) – The beginning port number you are enabling
  • to_port (int) – The ending port number you are enabling
  • cidr_ip (list of strings) – The CIDR block you are providing access to
  • des_group_id (str) – The ID of destination security groups in the same VPC
add_ingress_rules(group_name, src_group=None, ip_protocol=None, from_port=None, to_port=None, cidr_ip=None, group_id=None, src_group_id=None)[source]

Add a new rule to an existing security group. You need to pass in either src_security_group_name OR ip_protocol, from_port, to_port, and cidr_ip. In other words, either you are authorizing another group or you are authorizing some ip-based rule.

Parameters:
  • group_name (string) – The name of the security group you are adding the rule to
  • src_security_group_name (string) – The name of the security group you are granting access to
  • ip_protocol (string) – Either tcp | udp | icmp
  • from_port (int) – The beginning port number you are enabling
  • to_port (int) – The ending port number you are enabling
  • cidr (list of strings) – The CIDR block you are providing access to
  • group_id (string) – ID of the EC2 or VPC security group to modify. This is required for VPC security groups and can be used instead of group_name for EC2 security groups
Returns:

True if successful.

Type:

bool
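
An added example, not part of opslib: a pre-flight check that enforces the either/or argument contract described for add_ingress_rules and flags CIDR blocks that admit every address before a rule is submitted. The helper name check_ingress_args is hypothetical, and treating a source group and an IP-based rule as mutually exclusive is an assumption taken from the wording above.

```python
import ipaddress

ALLOWED_PROTOCOLS = {"tcp", "udp", "icmp"}  # values from the parameter list


def check_ingress_args(src_group=None, ip_protocol=None, from_port=None,
                       to_port=None, cidr_ip=None, src_group_id=None):
    """Hypothetical pre-flight check; inspects arguments only, never calls AWS.

    Returns a list of problems. An empty list means the arguments are
    well-formed under the either/or reading of the docstring.
    """
    ip_fields = (ip_protocol, from_port, to_port, cidr_ip)
    has_group = src_group is not None or src_group_id is not None
    has_ip_rule = any(f is not None for f in ip_fields)

    if has_group and has_ip_rule:
        return ["pass a source group or an IP-based rule, not both"]
    if has_group:
        return []
    if any(f is None for f in ip_fields):
        return ["an IP-based rule needs ip_protocol, from_port, to_port, cidr_ip"]

    problems = []
    if ip_protocol not in ALLOWED_PROTOCOLS:
        problems.append("ip_protocol must be tcp, udp or icmp")
    elif ip_protocol != "icmp":
        # For icmp the two port fields carry type and code, so skip them.
        ports_ok = (isinstance(from_port, int) and isinstance(to_port, int)
                    and 0 <= from_port <= to_port <= 65535)
        if not ports_ok:
            problems.append("invalid port range %r-%r" % (from_port, to_port))

    blocks = [cidr_ip] if isinstance(cidr_ip, str) else cidr_ip
    for block in blocks:
        try:
            net = ipaddress.ip_network(block, strict=True)
        except ValueError:
            problems.append("%r is not a valid CIDR block" % (block,))
            continue
        if net.prefixlen == 0:
            problems.append("%s admits every address" % block)
    return problems


if __name__ == "__main__":
    # Constructed sample call: SSH opened to the whole internet.
    print(check_ingress_args(ip_protocol="tcp", from_port=22, to_port=22,
                             cidr_ip=["0.0.0.0/0"]))
```

Call it with the same keyword arguments you intend to pass to add_ingress_rules and submit the rule only when the returned list is empty.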

create_group(name, description, vpc_id=None)[source]

Create a new security group for your account. This will create the security group within the region you are currently connected to.

Parameters:
  • name (string) – The name of the new security group
  • description (string) – The description of the new security group
  • vpc_id (string) – The ID of the VPC to create the security group in.
Returns:

The newly created boto.ec2.securitygroup.SecurityGroup.

Type:

boto.ec2.securitygroup.SecurityGroup

create_rds_group(name, description=None)[source]

Create a new security group for your account. This will create the security group within the region you are currently connected to.

Parameters:
  • name (string) – The name of the new security group
  • description (string) – The description of the new security group
Returns:

The newly created DBSecurityGroup

Type:

boto.rds.dbsecuritygroup.DBSecurityGroup

get_security_groups(groupnames=None, group_ids=None, filters=None)[source]

Get all security groups associated with your account in a region.

Parameters:
  • groupnames (list) – A list of the names of security groups to retrieve. If not provided, all security groups will be returned
  • group_ids (list) – A list of IDs of security groups to retrieve for security groups within a VPC
  • filters (dict) – Optional filters that can be used to limit the results returned. Filters are provided in the form of a dictionary consisting of filter names as the key and filter values as the value. The set of allowable filter names/values is dependent on the request being performed.
rds_authorize_group(group_name, cidr_ip=None, src_group_name=None, src_group_owner_id=None)[source]

Add a new rule to an existing security group. You need to pass in either src_security_group_name and src_security_group_owner_id OR a CIDR block but not both.

Parameters:
  • group_name (string) – The name of the security group you are adding the rule to.
  • cidr_ip (string) – The CIDR block you are providing access to.
  • src_group_name (string) – The name of the EC2 security group you are granting access to.
  • src_group_owner_id (string) – The ID of the owner of the EC2 security group you are granting access to.
Returns:

True if successful.

Type:

bool

rds_revoke_rules(group_name, src_group_name=None, src_group_owner_id=None, cidr_ip=None)[source]

Remove an existing rule from an existing security group. You need to pass in either ec2_security_group_name and ec2_security_group_owner_id OR a CIDR block.

Parameters:
  • group_name (string) – The name of the security group you are removing the rule from.
  • src_group_name (string) – The name of the EC2 security group from which you are removing access.
  • src_group_owner_id (string) – The ID of the owner of the EC2 security group from which you are removing access.
  • cidr_ip (string) – The CIDR block from which you are removing access.
Returns:

True if successful.

Type:

bool

remove_ingress_rules(group_name, src_group=None, ip_protocol=None, from_port=None, to_port=None, cidr_ip=None, group_id=None, src_group_id=None)[source]

Remove an existing rule from an existing security group

Parameters:
  • group_name (string) – The name of the security group you are removing the rule from
  • src_security_group_name (string) – The name of the security group you are revoking access to
  • ip_protocol (string) – Either tcp | udp | icmp
  • from_port (int) – The beginning port number you are disabling
  • to_port (int) – The ending port number you are disabling
  • cidr (list of strings) – The CIDR block you are revoking access to
  • group_id (string) – ID of the EC2 or VPC security group to modify. This is required for VPC security groups and can be used instead of group_name for EC2 security groups
Returns:

True if successful.

Type:

bool
