from ast import Return
from HwUser import HwUser
import json
'''
在云服务器的/root/huawei 目录下编写 create_security_group_rule.py 文件,并导入赛项提供的 HwUser.py 文件获取授权。基于上一题的安全组,编写 Python 代码,参考官方相关的API调用文档,创建华为云的安全组规则,具体要求为
(1)使用安全组名称获取其 ID(不允许直接填写安全组 ID);
(2)删除此安全组里所有规则(保证代码可以重复执行);
(3)放通出方向规则:所有协议端口;
(4)放通入方向规则:TCP 协议 22 端口;
(5)放通入方向规则:ICMP 协议所有端口;
(6)添加成功后输出此安全组的详细信息。
'''
if __name__ == "__main__":
# 1 获取授权
ak = "7IJFH088K7ZHG6H7MJ7E"
sk = "ClkPa47PpNxEpiPzKQ3c5Nzcb1S5uSVGhQ13owge"
user = HwUser(ak, sk)
# 2 查询安全组
print("正在查询安全组。。。。", end="")
requestURL = "https://vpc.cn-east-2.myhuaweicloud.com/v3/0f4115bb9280f3192fa7c00e1c434035/vpc/security-groups"
resp = user.httpRequest("GET", requestURL)
result = json.loads(str(resp.content, encoding="utf-8"))
## 2.1 查找安全组 chinaskills_security_group 的ID
### 取出现有的安全组列表
now_net_list = result["security_groups"]
targetID = ""
for i in now_net_list:
if "chinaskills_security_group" == i["name"]:
targetID = i["id"]
break
if targetID == "":
exit("未找到安全组chinaskills_security_group")
else:
print("已找到 chinaskills_security_group ID为:"+ targetID)
print(" 正在尝试删除已存在的云安全组chinaskills_security_group中的规则。。。")
## 2.2 查看安全组规则
requestURL = "https://vpc.cn-east-2.myhuaweicloud.com/v3/0f4115bb9280f3192fa7c00e1c434035/vpc/security-group-rules"+"?security_group_id="+targetID
resp = user.httpRequest("GET", requestURL,{ "content-type": "application/json" },"")
result = json.loads(str(resp.content, encoding="utf-8"))
## 2.3 删除现有的安全组规则
now_rule_list = result["security_group_rules"]
for i in now_rule_list:
requestURL = "https://vpc.cn-east-2.myhuaweicloud.com/v3/0f4115bb9280f3192fa7c00e1c434035/vpc/security-group-rules/" + i["id"]
resp = user.httpRequest("DELETE", requestURL,{ "content-type": "application/json" },"")
print(" 删除完成")
# 3 创建安全组规则
print("正在创建安全组规则1--放通出方向规则:所有协议端口。。。",end="")
security_group_id = targetID
description = "放通出方向规则:所有协议端口"
direction = "egress"
bodys = json.dumps({"security_group_rule": {"security_group_id": security_group_id,"description": description, "direction": direction}})
resp = user.httpRequest("POST", "https://vpc.cn-east-2.myhuaweicloud.com/v3/0f4115bb9280f3192fa7c00e1c434035/vpc/security-group-rules",{ "content-type": "application/json" },bodys)
print("创建完成")
print("正在创建安全组规则2--放通入方向规则:TCP 协议 22 端口。。。",end="")
security_group_id = targetID
description = "放通入方向规则:TCP 协议 22 端口"
direction = "ingress"
protocol = "tcp"
multiport = "22"
bodys = json.dumps({"dry_run":False,"security_group_rule": {"description": description, "direction": direction, "protocol": protocol, "multiport": multiport, "security_group_id": security_group_id}})
resp = user.httpRequest("POST", "https://vpc.cn-east-2.myhuaweicloud.com/v3/0f4115bb9280f3192fa7c00e1c434035/vpc/security-group-rules",{ "content-type": "application/json" },bodys)
print("创建完成")
print("正在创建安全组规则3--放通入方向规则:ICMP 协议所有端口。。。",end="")
security_group_id = targetID
description = "放通入方向规则:ICMP 协议所有端口"
direction = "ingress"
protocol = "ICMP"
multiport = "1-65535"
bodys = json.dumps({"security_group_rule": {"description": description, "direction": direction, "protocol": protocol, "security_group_id": security_group_id}})
resp = user.httpRequest("POST", "https://vpc.cn-east-2.myhuaweicloud.com/v3/0f4115bb9280f3192fa7c00e1c434035/vpc/security-group-rules",{ "content-type": "application/json" },bodys)
print("创建完成")
# 4 查询
print("chinaskills_security_group安全组规则信息查询中。。。")
requestURL = "https://vpc.cn-east-2.myhuaweicloud.com/v3/0f4115bb9280f3192fa7c00e1c434035/vpc/security-group-rules"+"?security_group_id="+targetID
resp = user.httpRequest("GET", requestURL,{ "content-type": "application/json" },"")
result = json.loads(str(resp.content, encoding="utf-8"))
for i in result["security_group_rules"]:
print(" 安全组规则ID:"+str(i["id"]))
print(" 安全组规则描述:"+str(i["description"]))
print(" 安全组规则的出入控制方向:"+str(i["direction"]))
print(" 安全组规则的协议类型:"+str(i["protocol"]))
print(" 安全组规则的作用端口:"+str(i["multiport"]))
print(" 安全组规则动作:"+str(i["action"]))
print() 0
点赞
收藏
分享
python api 创建安全组管理
相关推荐
0 条评论
