
python api 创建安全组管理

mjjackey 2022-04-19 阅读 77
python
from ast import Return
from HwUser import HwUser
import json

'''
    在云服务器的/root/huawei 目录下编写 create_security_group_rule.py 文件,并导入赛项提供的 HwUser.py 文件获取授权。基于上一题的安全组,编写 Python 代码,参考官方相关的API调用文档,创建华为云的安全组规则,具体要求为
    
    (1)使用安全组名称获取其 ID(不允许直接填写安全组 ID);

    (2)删除此安全组里所有规则(保证代码可以重复执行);

    (3)放通出方向规则:所有协议端口;

    (4)放通入方向规则:TCP 协议 22 端口;

    (5)放通入方向规则:ICMP 协议所有端口;

    (6)添加成功后输出此安全组的详细信息。

'''

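# Regional VPC v3 endpoint (the project ID is part of the path); every request
# in this script goes to it.
_VPC_API = "https://vpc.cn-east-2.myhuaweicloud.com/v3/0f4115bb9280f3192fa7c00e1c434035/vpc"
_RULES_URL = _VPC_API + "/security-group-rules"
_GROUP_NAME = "chinaskills_security_group"


def _json_headers():
    """Return a fresh header dict for each request.

    A new dict per call mirrors the original script, which passed a new literal
    every time. NOTE(review): HwUser.httpRequest may add signing headers to the
    dict it is given - confirm before sharing one instance across calls.
    """
    return {"content-type": "application/json"}


def _parse_body(resp):
    """Decode a response body as UTF-8 JSON.

    Returns {} for an empty body and {"raw_body": text} when the body is not a
    JSON object, so callers can always do key lookups on the result.
    """
    text = str(resp.content, encoding="utf-8")
    if not text.strip():
        return {}
    try:
        parsed = json.loads(text)
    except ValueError:
        return {"raw_body": text}
    return parsed if isinstance(parsed, dict) else {"raw_body": text}


def _expect_key(payload, key, action):
    """Return payload[key]; abort with the raw answer when the key is missing.

    A missing key means the API did not return the expected success shape, so
    the script stops instead of reporting success for a call that failed.
    """
    if key not in payload:
        raise SystemExit(action + "失败:" + json.dumps(payload, ensure_ascii=False))
    return payload[key]


def _create_rule(user, request_body, action):
    """POST one security-group rule and abort unless the rule is echoed back."""
    resp = user.httpRequest("POST", _RULES_URL, _json_headers(), json.dumps(request_body))
    # NOTE(review): a successful create is assumed to return a
    # "security_group_rule" object - confirm against the VPC v3 API reference.
    return _expect_key(_parse_body(resp), "security_group_rule", action)


if __name__ == "__main__":
    import os

    # 1 Authorization.
    # Access keys must not live in source code: the AK/SK pair that used to be
    # hard-coded here was published together with the script and has to be
    # treated as compromised (revoke it in IAM and issue a new one). The keys
    # are now read from the environment of the process that runs the script.
    ak = os.environ.get("CLOUD_SDK_AK", "")
    sk = os.environ.get("CLOUD_SDK_SK", "")
    if not ak or not sk:
        raise SystemExit("请先设置环境变量 CLOUD_SDK_AK 和 CLOUD_SDK_SK")
    user = HwUser(ak, sk)

    # 2 Look the security group up by name (the task forbids a literal ID).
    print("正在查询安全组。。。。", end="")
    resp = user.httpRequest("GET", _VPC_API + "/security-groups")
    groups = _expect_key(_parse_body(resp), "security_groups", "查询安全组")
    targetID = ""
    for group in groups:
        if group["name"] == _GROUP_NAME:
            targetID = group["id"]
            break
    if targetID == "":
        raise SystemExit("未找到安全组chinaskills_security_group")
    print("已找到 chinaskills_security_group ID为:" + targetID)

    # 2.2 / 2.3 Remove every existing rule so the script can be re-run and the
    # group ends up containing exactly the three rules created below.
    print("   正在尝试删除已存在的云安全组chinaskills_security_group中的规则。。。")
    rules_query = _RULES_URL + "?security_group_id=" + targetID
    resp = user.httpRequest("GET", rules_query, _json_headers(), "")
    existing_rules = _expect_key(_parse_body(resp), "security_group_rules", "查询安全组规则")
    for rule in existing_rules:
        resp = user.httpRequest("DELETE", _RULES_URL + "/" + rule["id"], _json_headers(), "")
        # A failed delete would leave a stale (possibly wider) rule in place, so
        # it must not pass silently. NOTE(review): error answers are assumed to
        # carry "error_code" and successful deletes an empty body - confirm.
        answer = _parse_body(resp)
        if "error_code" in answer:
            raise SystemExit("删除安全组规则失败:" + json.dumps(answer, ensure_ascii=False))
    print("   删除完成")

    # 3 Create the three rules required by the task.
    print("正在创建安全组规则1--放通出方向规则:所有协议端口。。。", end="")
    _create_rule(
        user,
        {
            "security_group_rule": {
                "security_group_id": targetID,
                "description": "放通出方向规则:所有协议端口",
                "direction": "egress",
            }
        },
        "创建安全组规则1",
    )
    print("创建完成")

    print("正在创建安全组规则2--放通入方向规则:TCP 协议 22 端口。。。", end="")
    # NOTE(review): no remote_ip_prefix is sent, so the source range is whatever
    # the API defaults to - presumably any address. Outside this exercise, limit
    # SSH to known administration ranges.
    _create_rule(
        user,
        {
            "dry_run": False,
            "security_group_rule": {
                "description": "放通入方向规则:TCP 协议 22 端口",
                "direction": "ingress",
                "protocol": "tcp",
                "multiport": "22",
                "security_group_id": targetID,
            },
        },
        "创建安全组规则2",
    )
    print("创建完成")

    print("正在创建安全组规则3--放通入方向规则:ICMP 协议所有端口。。。", end="")
    # The original assigned a "1-65535" port range here but never sent it; the
    # unused local is dropped and the request body is unchanged.
    # NOTE(review): the TCP rule spells its protocol in lower case - confirm the
    # API accepts the upper-case "ICMP" used here.
    _create_rule(
        user,
        {
            "security_group_rule": {
                "description": "放通入方向规则:ICMP 协议所有端口",
                "direction": "ingress",
                "protocol": "ICMP",
                "security_group_id": targetID,
            }
        },
        "创建安全组规则3",
    )
    print("创建完成")

    # 4 Read the rules back and print them, so the operator sees what is now
    # actually in force rather than what the script intended to create.
    print("chinaskills_security_group安全组规则信息查询中。。。")
    resp = user.httpRequest("GET", rules_query, _json_headers(), "")
    final_rules = _expect_key(_parse_body(resp), "security_group_rules", "查询安全组规则")

    for rule in final_rules:
        # .get() keeps the report going when a field is absent from one rule.
        print("   安全组规则ID:" + str(rule.get("id")))
        print("   安全组规则描述:" + str(rule.get("description")))
        print("   安全组规则的出入控制方向:" + str(rule.get("direction")))
        print("   安全组规则的协议类型:" + str(rule.get("protocol")))
        print("   安全组规则的作用端口:" + str(rule.get("multiport")))
        print("   安全组规则动作:" + str(rule.get("action")))
        print()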