in update_security_groups_lambda/update_security_groups.py [0:0]
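def update_security_groups(new_ranges, rangeType):
    """Push ``new_ranges`` into every tagged security group, one protocol at a time.

    For each key of ``INGRESS_PORTS`` the function looks up the security
    groups carrying the matching tag set (``GLOBAL_SG_TAGS`` when
    ``rangeType`` is ``"GLOBAL"``, ``REGION_SG_TAGS`` otherwise) plus a
    ``Protocol`` tag equal to that key, and hands each group to
    ``update_security_group`` together with the ports configured for the
    protocol.

    Args:
        new_ranges: The ranges forwarded unchanged to ``update_security_group``.
        rangeType: ``"GLOBAL"`` selects the global tag set; any other value
            selects the regional tag set.

    Returns:
        A list of status strings: ``'Security Group <id> updated.'`` or
        ``'Security Group <id> unchanged.'`` per group found, and one
        ``'No groups ...'`` entry for each protocol with no matching group.
    """
    client = boto3.client('ec2')
    result = []

    # NOTE(review): anything that is not exactly "GLOBAL" (typo, None, other
    # casing) is treated as regional rather than rejected; confirm the caller
    # only ever passes the expected values.
    baseTags = GLOBAL_SG_TAGS if rangeType == "GLOBAL" else REGION_SG_TAGS

    # Iterate over every protocol entry, looking up its tagged groups.
    for curGroup, ingressPorts in INGRESS_PORTS.items():
        # Work on a copy: writing 'Protocol' straight into the module-level
        # tag dict would leak per-call state into every later use of it
        # (including later invocations in a reused Lambda container).
        tagToFind = dict(baseTags)
        tagToFind['Protocol'] = curGroup

        # NOTE(review): groups are selected by tag match alone (via
        # get_security_groups_for_update, not shown here), so the ability to
        # tag a security group decides whose ingress rules get rewritten;
        # confirm tagging permissions are scoped accordingly.
        rangeToUpdate = get_security_groups_for_update(client, tagToFind)
        groupCount = len(rangeToUpdate)

        msg = 'tagged Name: {}, Protocol: {} to update'.format(tagToFind["Name"], curGroup)
        logging.info('Found %s groups %s', groupCount, msg)

        if groupCount == 0:
            # A protocol with no matching group means its rules were not
            # refreshed; surface it in both the result and the log.
            noGroupsMsg = 'No groups {}'.format(msg)
            result.append(noGroupsMsg)
            logging.warning(noGroupsMsg)
            continue

        for securityGroupToUpdate in rangeToUpdate:
            changed = update_security_group(client, securityGroupToUpdate, new_ranges, ingressPorts)
            outcome = 'updated' if changed else 'unchanged'
            result.append('Security Group {} {}.'.format(securityGroupToUpdate['GroupId'], outcome))

    return result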