1 from sfa.util.sfalogging import logger
# Constructor taking the driver object. Its body is not part of this listing;
# the other methods read self.driver.euca_shell, so it presumably stores
# `driver` on the instance — TODO confirm against the full file.
5 def __init__(self, driver):
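def create_security_group(self, name):
    """Create a security group called *name* on the Eucalyptus connection.

    A failure is logged through ``logger.log_exc`` and not re-raised, so the
    method returns ``None`` whether or not the group was created.

    NOTE(review): this listing omits the lines between the connection lookup
    and the logging call. The try/except layout is reconstructed from the
    ``except Exception, ex:`` handler visible in remove_rule_from_group;
    confirm against the full file.
    """
    conn = self.driver.euca_shell.get_euca_connection()
    try:
        # The original passed the undefined name `group_name` here, so the
        # call could never succeed and surfaced only as a logged failure.
        conn.create_security_group(name=name)
    except Exception:
        logger.log_exc("Failed to add security group")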
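def delete_security_group(self, name):
    """Delete the security group called *name* on the Eucalyptus connection.

    A failure is logged through ``logger.log_exc`` and not re-raised, so the
    method returns ``None`` whether or not the group was removed; callers
    that need to know the group is gone must check separately.

    NOTE(review): this listing omits the lines between the connection lookup
    and the logging call. The try/except layout is reconstructed from the
    ``except Exception, ex:`` handler visible in remove_rule_from_group;
    confirm against the full file.
    """
    conn = self.driver.euca_shell.get_euca_connection()
    try:
        # The original passed the undefined name `group_name` here, so the
        # call could never succeed and surfaced only as a logged failure.
        conn.delete_security_group(name=name)
    except Exception:
        logger.log_exc("Failed to delete security group")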
# _validate_port_range: turn a port specification string into a
# (from_port, to_port) tuple of ints. Both values start as None and are only
# replaced when port_range is a str.
# NOTE(review): the gutter numbers skip 28, 31 and 33, so the branch
# conditions that choose between the assignments below are not visible here.
# NOTE(review): no bounds check (0-65535, from_port <= to_port) appears in the
# visible lines, and int() raises ValueError on non-numeric text unless one of
# the omitted lines handles it — TODO confirm.
24 def _validate_port_range(self, port_range):
25 from_port = to_port = None
26 if isinstance(port_range, str):
# A "low-high" string is split on '-'; only the first two pieces are read.
27 ports = port_range.split('-')
29 from_port = int(ports[0])
30 to_port = int(ports[1])
# Single-port form: the same number is used for both ends of the range.
32 from_port = to_port = int(ports[0])
# Fallback that resets both ends to None (its guarding branch is not shown).
34 from_port = to_port = None
35 return (from_port, to_port)
# _validate_icmp_type_code: parse a "type:code" string into a tuple of two
# ints. The result reuses the names from_port/to_port for the ICMP type and
# code, and both stay None unless the input is a str with at least one ':'.
# NOTE(review): the gutter numbers skip 42 and 45; the error log below is
# presumably inside an exception handler around the int() calls — TODO
# confirm. Nothing visible restricts the values to a valid ICMP range.
37 def _validate_icmp_type_code(self, icmp_type_code):
38 from_port = to_port = None
39 if isinstance(icmp_type_code, str):
40 code_parts = icmp_type_code.split(':')
# Only the first two ':'-separated pieces are used; extras are ignored.
41 if len(code_parts) > 1:
43 from_port = int(code_parts[0])
44 to_port = int(code_parts[1])
# The message says "port" although the value being parsed is an ICMP type/code.
46 logger.error('port must be an integer.')
47 return (from_port, to_port)
# add_rule_to_group: authorize a rule on a security group through the
# Eucalyptus connection's authorize_security_group call.
# NOTE(review): cidr_ip defaults to '0.0.0.0/0', so a caller that omits it
# asks for a rule matching every IPv4 source address; callers should pass the
# narrowest CIDR (or a source group) they actually need.
# NOTE(review): this listing omits several lines (the gutter numbers jump),
# among them the conditions guarding the ICMP override and the validate_*
# calls, the remaining authorize_security_group arguments and the exception
# handler.
50 def add_rule_to_group(self, group_name=None, protocol='tcp', cidr_ip='0.0.0.0/0',
51 port_range=None, icmp_type_code=None,
52 source_group_name=None, source_group_owner_id=None):
# The port range is parsed first; the ICMP type/code pair parsed next
# overwrites it on line 58 (the condition for that is not shown).
55 from_port, to_port = self._validate_port_range(port_range)
56 icmp_type = self._validate_icmp_type_code(icmp_type_code)
58 from_port, to_port = icmp_type[0], icmp_type[1]
# Address and protocol go through the euca2ool helpers before the connection
# is fetched; what those helpers do on invalid input is not visible here.
62 self.driver.euca_shell.euca2ool.validate_address(cidr_ip)
64 self.driver.euca_shell.euca2ool.validate_protocol(protocol)
65 conn = self.driver.euca_shell.get_euca_connection()
67 conn.authorize_security_group(
68 group_name=group_name,
69 src_security_group_name=source_group_name,
70 src_security_group_owner_id=source_group_owner_id,
# log_exc is presumably called from an exception handler — TODO confirm
# whether the failure is also re-raised; if it is not, callers cannot tell a
# rejected rule from an applied one.
77 logger.log_exc("Failed to add rule to group %s" % group_name)
# remove_rule_from_group: revoke a rule from a security group through the
# Eucalyptus connection's revoke_security_group call. The parameters mirror
# add_rule_to_group, including the cidr_ip default of '0.0.0.0/0'.
# NOTE(review): this listing omits several lines (the gutter numbers jump),
# among them the conditions guarding the ICMP override and the validate_*
# calls and the arguments after ip_protocol.
80 def remove_rule_from_group(self, group_name=None, protocol='tcp', cidr_ip='0.0.0.0/0',
81 port_range=None, icmp_type_code=None,
82 source_group_name=None, source_group_owner_id=None):
# The port range is parsed first; the ICMP type/code pair parsed next
# overwrites it on line 87 (the condition for that is not shown).
84 from_port, to_port = self._validate_port_range(port_range)
85 icmp_type = self._validate_icmp_type_code(icmp_type_code)
87 from_port, to_port = icmp_type[0], icmp_type[1]
# Address and protocol go through the euca2ool helpers before the connection
# is fetched; what those helpers do on invalid input is not visible here.
91 self.driver.euca_shell.euca2ool.validate_address(cidr_ip)
93 self.driver.euca_shell.euca2ool.validate_protocol(protocol)
94 conn = self.driver.euca_shell.get_euca_connection()
96 conn.revoke_security_group(
97 group_name=group_name,
98 src_security_group_name=source_group_name,
99 src_security_group_owner_id=source_group_owner_id,
100 ip_protocol=protocol,
# Python 2-only handler syntax; `ex` is not used in the visible lines.
# NOTE(review): the failure is logged and, as far as this listing shows, not
# re-raised, so a rule that could not be revoked stays in force without the
# caller being told — TODO confirm and surface the failure to the caller.
105 except Exception, ex:
106 logger.log_exc("Failed to remove rule from group %s" % group_name)