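"""Reset and recreate the rules of a Huawei Cloud security group.

Task statement (translated from the original file):
write create_security_group_rule.py under /root/huawei on the cloud server and
import the HwUser.py file supplied by the competition to obtain authorization.
Based on the security group from the previous task, and following the official
API documentation, create the security group rules as follows:

(1) look up the security group ID by name (hard-coding the ID is not allowed);
(2) delete every rule in the group so the script can be re-run;
(3) allow egress: all protocols and ports;
(4) allow ingress: TCP port 22;
(5) allow ingress: ICMP, all ports;
(6) print the details of the security group once the rules are added.

The access key pair is read from the environment instead of being embedded in
the file, so the script can be shared or committed without leaking a secret.
"""
from ast import Return  # not used below; kept so the file's import set is unchanged
from HwUser import HwUser
import json
import os
import sys

# Endpoint, project and group name were repeated inline in every request;
# they are named once here so a change of region or project is a single edit.
VPC_ENDPOINT = "https://vpc.cn-east-2.myhuaweicloud.com"
PROJECT_ID = "0f4115bb9280f3192fa7c00e1c434035"
GROUP_NAME = "chinaskills_security_group"
GROUPS_URL = VPC_ENDPOINT + "/v3/" + PROJECT_ID + "/vpc/security-groups"
RULES_URL = VPC_ENDPOINT + "/v3/" + PROJECT_ID + "/vpc/security-group-rules"
JSON_HEADERS = {"content-type": "application/json"}

# Environment variables holding the access key pair.
AK_ENV = "HUAWEICLOUD_SDK_AK"
SK_ENV = "HUAWEICLOUD_SDK_SK"


def _load_credentials():
    """Return (ak, sk) from the environment, or exit if either is missing.

    A key pair that has ever been stored in a source file must be treated as
    disclosed: revoke it in the IAM console and issue a new one.
    """
    ak = os.environ.get(AK_ENV, "")
    sk = os.environ.get(SK_ENV, "")
    if not ak or not sk:
        sys.exit("missing credentials: set " + AK_ENV + " and " + SK_ENV)
    return ak, sk


def _ensure_ok(resp, action):
    """Exit if the API answered *action* with an HTTP error status.

    Without this check a rejected DELETE or POST is still reported as done,
    and the group is left in a state nobody verified.
    """
    # NOTE(review): assumes HwUser.httpRequest returns a requests-style
    # response exposing status_code; if the attribute is absent the check is
    # skipped and the original behaviour is kept. Confirm against HwUser.py.
    status = getattr(resp, "status_code", None)
    if status is not None and status >= 400:
        sys.exit(action + " failed with HTTP status " + str(status))


def _decode(resp):
    """Parse the UTF-8 JSON body of an API response."""
    return json.loads(str(resp.content, encoding="utf-8"))


def _list_rules(user, group_id):
    """Return the rule objects currently attached to *group_id*."""
    url = RULES_URL + "?security_group_id=" + group_id
    resp = user.httpRequest("GET", url, JSON_HEADERS, "")
    _ensure_ok(resp, "listing security group rules")
    return _decode(resp)["security_group_rules"]


def _post_rule(user, payload):
    """Create one rule from the given request payload."""
    resp = user.httpRequest("POST", RULES_URL, JSON_HEADERS, json.dumps(payload))
    _ensure_ok(resp, "creating a security group rule")


if __name__ == "__main__":
    # 1 Obtain authorization
    ak, sk = _load_credentials()
    user = HwUser(ak, sk)

    # 2 Query the security groups
    print("正在查询安全组。。。。", end="")
    resp = user.httpRequest("GET", GROUPS_URL)
    _ensure_ok(resp, "listing security groups")

    ## 2.1 Resolve the group ID from its name
    targetID = ""
    for group in _decode(resp)["security_groups"]:
        if group["name"] == GROUP_NAME:
            targetID = group["id"]
            break
    if targetID == "":
        sys.exit("未找到安全组chinaskills_security_group")
    print("已找到 chinaskills_security_group ID为:" + targetID)
    print(" 正在尝试删除已存在的云安全组chinaskills_security_group中的规则。。。")

    ## 2.2 / 2.3 List the existing rules and delete each of them
    for rule in _list_rules(user, targetID):
        resp = user.httpRequest(
            "DELETE", RULES_URL + "/" + rule["id"], JSON_HEADERS, ""
        )
        # A rule that could not be removed would survive the reset silently.
        _ensure_ok(resp, "deleting rule " + str(rule["id"]))
    print(" 删除完成")

    # 3 Create the security group rules
    print("正在创建安全组规则1--放通出方向规则:所有协议端口。。。", end="")
    _post_rule(user, {
        "security_group_rule": {
            "security_group_id": targetID,
            "description": "放通出方向规则:所有协议端口",
            "direction": "egress",
        },
    })
    print("创建完成")

    # NOTE(review): neither ingress rule sends remote_ip_prefix, which
    # presumably leaves SSH and ICMP reachable from any source address.
    # That matches the exercise text; outside an exercise, restrict the
    # source to a management CIDR.
    print("正在创建安全组规则2--放通入方向规则:TCP 协议 22 端口。。。", end="")
    _post_rule(user, {
        "dry_run": False,
        "security_group_rule": {
            "description": "放通入方向规则:TCP 协议 22 端口",
            "direction": "ingress",
            "protocol": "tcp",
            "multiport": "22",
            "security_group_id": targetID,
        },
    })
    print("创建完成")

    print("正在创建安全组规则3--放通入方向规则:ICMP 协议所有端口。。。", end="")
    # No multiport is sent for ICMP (the original assigned one but never used it).
    _post_rule(user, {
        "security_group_rule": {
            "description": "放通入方向规则:ICMP 协议所有端口",
            "direction": "ingress",
            "protocol": "ICMP",
            "security_group_id": targetID,
        },
    })
    print("创建完成")

    # 4 Read the rules back and print them
    print("chinaskills_security_group安全组规则信息查询中。。。")
    for rule in _list_rules(user, targetID):
        print(" 安全组规则ID:" + str(rule["id"]))
        print(" 安全组规则描述:" + str(rule["description"]))
        print(" 安全组规则的出入控制方向:" + str(rule["direction"]))
        print(" 安全组规则的协议类型:" + str(rule["protocol"]))
        print(" 安全组规则的作用端口:" + str(rule["multiport"]))
        print(" 安全组规则动作:" + str(rule["action"]))
        print()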