I am trying to get a security group by its group ID.

Here is the code:

#!/usr/bin/env python2.7
import boto.ec2
import argparse

parser = argparse.ArgumentParser(description="")
parser.add_argument('sec_group_id', help='Security group id')
parser.add_argument('region_name', help='Region name')
args = parser.parse_args()
sec_group_id = args.sec_group_id
region_name = args.region_name

conn = boto.ec2.connect_to_region(region_name);

GivenSecGroup=conn.get_all_security_groups(sec_group_id)

When I execute this:

./sec_groups.py sg-45b9a12c eu-central-1

I get the output:

Traceback (most recent call last):
  File "./sec_groups.py", line 22, in <module>
    GivenSecGroup=conn.get_all_security_groups(sec_group_id)
  File "/usr/lib/python2.7/dist-packages/boto/ec2/connection.py", line 2969, in get_all_security_groups
    [('item', SecurityGroup)], verb='POST')
  File "/usr/lib/python2.7/dist-packages/boto/connection.py", line 1182, in get_list
    raise self.ResponseError(response.status, response.reason, body)
boto.exception.EC2ResponseError: EC2ResponseError: 400 Bad Request
<?xml version="1.0" encoding="UTF-8"?>
<Response><Errors><Error><Code>InvalidGroup.NotFound</Code><Message>The security group 'sg-45b9a12c' does not exist in default VPC 'vpc-d289c0bb'</Message></Error></Errors><RequestID>edf2afd0-f552-4bdf-938e-1bccef798145</RequestID></Response>

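So basically it says "The security group 'sg-45b9a12c' does not exist in default VPC 'vpc-d289c0bb'"

But this security group does exist in the default VPC! Here is the proof: AWS console screenshot

How can I make this work?

I would appreciate your answers.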

2 Answers


Short answer:

Just change

GivenSecGroup=conn.get_all_security_groups(sec_group_id)

to

GivenSecGroup=conn.get_all_security_groups(group_ids=[sec_group_id])

Long answer:

The first parameter of get_all_security_groups is a list of security group names, and the second parameter is a list of IDs:

def get_all_security_groups(self, groupnames=None, group_ids=None,
                            filters=None, dry_run=False):
    """
    Get all security groups associated with your account in a region.

    :type groupnames: list
    :param groupnames: A list of the names of security groups to retrieve.
                       If not provided, all security groups will be
                       returned.

    :type group_ids: list
    :param group_ids: A list of IDs of security groups to retrieve for
                      security groups within a VPC.

Answered 2016-04-12T14:14:14.147

I will show an alternative boto3 answer besides @Vor's.

IMHO, you should switch to boto3; the developer has made it clear that boto will not support new features. You don't need to specify the region; you can tie the region inside the credential file, etc.

import boto3
import argparse
ec2=boto3.client("ec2")
parser = argparse.ArgumentParser(description="")
parser.add_argument('sec_group_id', help='Security group id')
args = parser.parse_args()
sec_group_id = args.sec_group_id

my_sec_grp = ec2.describe_security_groups(GroupIds = [sec_group_id])

Boto3 is closely tied to the AWS CLI. The current AWS CLI has features such as "--query" that allow the user to filter the results returned. If AWS implements such features, they will be in boto3, not boto.

Answered 2016-04-14T12:26:14.923
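
The name-versus-ID mix-up behind the error in the question can be avoided by choosing the lookup parameter explicitly. The following is an added example, not code from either answer: the helper names and the `FakeEC2` stub are hypothetical, and it assumes security group IDs are `sg-` followed by 8 or 17 hex characters. It calls the same boto3-style `describe_security_groups` method shown in the second answer.

```python
import re

# Assumption: security group IDs are "sg-" plus 8 or 17 hex characters;
# anything else is treated as a group name.
SG_ID_RE = re.compile(r"^sg-(?:[0-9a-f]{8}|[0-9a-f]{17})$")


def build_lookup_kwargs(identifier):
    """Return keyword arguments that query by ID or by name, never mixing the two."""
    if SG_ID_RE.match(identifier):
        return {"GroupIds": [identifier]}
    return {"GroupNames": [identifier]}


def find_security_group(client, identifier):
    """Return the matching group dict, or None if EC2 reports InvalidGroup.NotFound.

    `client` is anything with a boto3-style describe_security_groups method.
    """
    try:
        resp = client.describe_security_groups(**build_lookup_kwargs(identifier))
    except Exception as exc:
        # botocore's ClientError carries the parsed error in `.response`.
        code = getattr(exc, "response", {}).get("Error", {}).get("Code")
        if code == "InvalidGroup.NotFound":
            return None
        raise  # anything else (auth, throttling, bugs) must not be swallowed
    groups = resp.get("SecurityGroups", [])
    return groups[0] if groups else None


class FakeEC2(object):
    """Constructed stand-in for boto3.client("ec2") so the example runs offline."""

    def __init__(self, groups):
        self.groups = groups
        self.calls = []  # records the kwargs of every lookup for inspection

    def describe_security_groups(self, **kwargs):
        self.calls.append(kwargs)
        if "GroupIds" in kwargs:
            found = [g for g in self.groups if g["GroupId"] in kwargs["GroupIds"]]
        else:
            found = [g for g in self.groups if g["GroupName"] in kwargs["GroupNames"]]
        if not found:
            err = Exception("not found")
            err.response = {"Error": {"Code": "InvalidGroup.NotFound"}}
            raise err
        return {"SecurityGroups": found}
```

With real credentials, pass `boto3.client("ec2")` in place of `FakeEC2`.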