in resource-selector-lambda/handler.py [0:0]
def getSecurityGroup(self, config, vpclist):
    """Select security group IDs in the given VPCs and hand them to setOutput.

    Pages through EC2 ``describe_security_groups`` restricted to ``vpclist``
    and keeps a group's ``GroupId`` when it passes the name and tag checks:

    * ``self.groupName`` set: the group's name must contain it (substring
      test, not equality). The group is then kept if its tags satisfy
      ``self.searchObject``, or if it is untagged and ``config`` has no
      ``'Tags'`` key.
    * ``self.groupName`` empty: the same tag rule alone decides.

    NOTE(review): the block nesting below is reconstructed from the comments
    and the if/elif chain; confirm it against the repository file.

    Args:
        config: Selection criteria. Only the presence of a ``'Tags'`` key is
            read here; the object itself is passed to ``self.searchObject``.
        vpclist: VPC IDs used as the values of the ``vpc-id`` filter.

    Returns:
        Nothing; the matching IDs are passed to ``self.setOutput`` as a list.
    """
    # Security Group placeholder
    securityGroups = []
    # Filter the security groups by the correct VPC
    sgfilter = [{'Name': 'vpc-id', 'Values': vpclist}]
    logger.info(f' my filter is {sgfilter}')
    # Build a boto3 EC2 client and page through the security groups
    ec2 = boto3.client('ec2', region_name=self.region)
    paginator = ec2.get_paginator('describe_security_groups')
    page_iterator = paginator.paginate(Filters=sgfilter)
    for page in page_iterator:
        # Iterate through every security group on this page
        for sg in page['SecurityGroups']:
            # A security group name was provided
            if self.groupName:
                # Substring test: any group whose name merely contains
                # groupName passes.
                # NOTE(review): if one specific group is meant, an equality
                # check would avoid picking up similarly named groups - confirm.
                if self.groupName in sg['GroupName']:
                    # The group has tags: it must satisfy the tag criteria
                    if 'Tags' in sg:
                        if self.searchObject(sg['Tags'], config):
                            logger.info(f'found our security group {sg["GroupId"]} ')
                            securityGroups.append(sg['GroupId'])
                    # Untagged group and no tag criteria in the configuration:
                    # the name match alone selects it.
                    # NOTE(review): assumes this elif pairs with
                    # `if 'Tags' in sg` above - confirm.
                    elif not 'Tags' in config:
                        logger.info(f'found our security group {sg["GroupId"]} ')
                        securityGroups.append(sg['GroupId'])
            # No name given: a tagged group must satisfy the tag criteria
            elif 'Tags' in sg and self.searchObject(sg['Tags'], config):
                logger.info(f'found our security group {sg["GroupId"]} ')
                securityGroups.append(sg['GroupId'])
            # No name, no tags on the group and no tag criteria in the
            # configuration: every untagged group in the VPCs is selected.
            # NOTE(review): confirm that such a broad result is acceptable to
            # whatever consumes the output.
            elif not 'Tags' in sg and not 'Tags' in config:
                logger.info(f'found our security group {sg["GroupId"]} ')
                securityGroups.append(sg['GroupId'])
    # Hand the collected IDs to setOutput; any conversion to a comma separated
    # string presumably happens there (not visible here).
    self.setOutput(securityGroups)