
How to iterate through all AWS regions to get security group info

I am unable to iterate through the list of AWS regions that I provided, and I am confused why the list is starting from reverse order?

This code basically connects to all AWS regions one by one and then prints the security group details:

from boto import ec2

regions = ['us-east-1','us-west-1','us-west-2','eu-west-1','sa-east-1','ap-southeast-1','ap-southeast-2','ap-northeast-1']
sg = []
for region in regions:
    # connection is reassigned on every pass through this loop
    connection = ec2.connect_to_region(region)
    sg.extend(connection.get_all_security_groups())


def getTag(instanceId):
    # Uses the module-level connection left over from the loop above
    reservations = connection.get_all_instances(filters={'instance_id': instanceId})
    for res in reservations:
        for instance in res.instances:
            return instance.tags['Name'], instance.private_ip_address, instance.region


for securityGroup in sg:
    for rule in securityGroup.rules:
        if rule.to_port == '22' and '0.0.0.0/0' in str(rule.grants):
            for instanceid in securityGroup.instances():
                # str(instance) looks like "Instance:i-...", so keep the part after the colon
                instanceId = str(instanceid)
                print("Port 22 is open for 0.0.0.0/0:, SecurityGroupName: %s  Instance Details --> : %s " % (securityGroup.name, getTag(instanceId.split(':')[1])))

Based on the answer, I am now unable to get instance details; the result is:

Port 22 is open for 0.0.0.0/0:, SecurityGroupName: interview-linux  Instance Details --> : None 
Port 22 is open for 0.0.0.0/0:, SecurityGroupName: interview-linux  Instance Details --> : None 
Port 22 is open for 0.0.0.0/0:, SecurityGroupName: launch-wizard-mingjun  Instance Details --> : None 
Port 22 is open for 0.0.0.0/0:, SecurityGroupName: SSH+HTTPS  Instance Details --> : None 
Port 22 is open for 0.0.0.0/0:, SecurityGroupName: temp-engg-logi  Instance Details --> : None 
Port 22 is open for 0.0.0.0/0:, SecurityGroupName: na-prod-1w-secgroup  Instance Details --> : None 
Port 22 is open for 0.0.0.0/0:, SecurityGroupName: na-prod-1w-secgroup  Instance Details --> : None 
Port 22 is open for 0.0.0.0/0:, SecurityGroupName: na-trial-1w-secgroup  Instance Details --> : None 
Port 22 is open for 0.0.0.0/0:, SecurityGroupName: na-trial-1w-secgroup  Instance Details --> : Non

Because in your for region in regions: loop you are overwriting sg in each iteration. What you probably want is

sg = list()
for region in regions:
  connection=ec2.connect_to_region(region)
  sg.extend(connection.get_all_security_groups())

Edit: (Instance Details --> : None)

The problem here is that, in the loop I mentioned earlier, you are overwriting connection too, i.e. connection=ec2.connect_to_region(region).

So when you do connection.get_all_instances(filters={'instance_id':instanceId}) in your getTag method, instanceId is looked for only in the last region, i.e. ap-northeast-1. As the instance does not belong to this region, you get None.

You need to reorder your code to something like

from boto import ec2


def getTag(connection, instanceId):
    # Query the instance through the connection of the region it lives in
    reservations = connection.get_all_instances(filters={'instance_id': instanceId})
    for res in reservations:
        for instance in res.instances:
            return instance.tags['Name'], instance.private_ip_address, instance.region


regions = ['us-east-1','us-west-1','us-west-2','eu-west-1','sa-east-1','ap-southeast-1','ap-southeast-2','ap-northeast-1']
for region in regions:
    # One connection per region, used for both the groups and the instance lookup
    connection = ec2.connect_to_region(region)
    sg = connection.get_all_security_groups()
    for securityGroup in sg:
        for rule in securityGroup.rules:
            if rule.to_port == '22' and '0.0.0.0/0' in str(rule.grants):
                for instanceid in securityGroup.instances():
                    # str(instance) looks like "Instance:i-...", so keep the part after the colon
                    instanceId = str(instanceid)
                    print("Port 22 is open for 0.0.0.0/0:, SecurityGroupName: %s  Instance Details --> : %s " % (securityGroup.name, getTag(connection, instanceId.split(':')[1])))
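
An added example, not part of the original question or answer: the check above matches only rules whose to_port is exactly '22', so this sketch goes further and also flags port ranges and all-protocol rules that include port 22, keeping the region with every finding. It runs offline on constructed stand-ins that mimic boto's attribute names (rules, grants, cidr_ip, ip_protocol, from_port, to_port); the function names and sample groups are hypothetical, and it assumes all-protocol rules report ip_protocol '-1' with no port numbers.

```python
from collections import namedtuple

# Constructed stand-ins mimicking boto's attribute names; no AWS access needed.
Grant = namedtuple("Grant", "cidr_ip")
Rule = namedtuple("Rule", "ip_protocol from_port to_port grants")
Group = namedtuple("Group", "name rules")

ANY_IPV4 = "0.0.0.0/0"


def covers_port(rule, port):
    """True if the rule's protocol and port range include TCP `port`."""
    if rule.ip_protocol == "-1":  # assumption: '-1' means all protocols and ports
        return True
    if rule.ip_protocol != "tcp" or rule.from_port is None or rule.to_port is None:
        return False
    # Ports arrive as strings (the page compares to '22'), so compare as integers.
    return int(rule.from_port) <= port <= int(rule.to_port)


def find_world_open(groups_by_region, port=22):
    """Return sorted (region, group name, port range) for each exposed rule."""
    findings = []
    for region, groups in groups_by_region.items():
        for group in groups:
            for rule in group.rules:
                world = any(g.cidr_ip == ANY_IPV4 for g in rule.grants)
                if world and covers_port(rule, port):
                    all_ports = rule.ip_protocol == "-1"
                    span = "all" if all_ports else "%s-%s" % (rule.from_port, rule.to_port)
                    findings.append((region, group.name, span))
    return sorted(findings)


# Constructed sample data: one list of groups per region.
SAMPLE = {
    "us-east-1": [
        Group("ssh-exact", [Rule("tcp", "22", "22", [Grant(ANY_IPV4)])]),
        Group("ssh-internal", [Rule("tcp", "22", "22", [Grant("10.0.0.0/8")])]),
    ],
    "eu-west-1": [
        Group("wide-range", [Rule("tcp", "0", "65535", [Grant(ANY_IPV4)])]),
        Group("all-traffic", [Rule("-1", None, None, [Grant(ANY_IPV4)])]),
        Group("web-only", [Rule("tcp", "443", "443", [Grant(ANY_IPV4)])]),
    ],
}

if __name__ == "__main__":
    for region, name, span in find_world_open(SAMPLE):
        print("%s  %s  ports %s" % (region, name, span))
```

With real boto objects, groups_by_region would be built by storing each region's get_all_security_groups() result under its region name instead of merging them into one list.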
