#!/usr/bin/env python3
from run_common import AWSCli
# Shared AWS CLI wrapper used by every check below; it is created once, at import time.
aws_cli = AWSCli()
def describe_eb_vpc():
    """Look up the EB VPC id (the report in this file labels it 'EC2 VPC').

    Returns:
        The second value of the pair returned by ``aws_cli.get_vpc_id()``,
        or ``False`` when that value is ``None``.
    """
    # get_vpc_id() yields (rds_vpc_id, eb_vpc_id); only the second is needed here.
    _, vpc_id = aws_cli.get_vpc_id()
    return False if vpc_id is None else vpc_id
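def describe_eb_subnets(vpc_id=None):
    """Report whether the given VPC has at least one subnet.

    Args:
        vpc_id: Id of the VPC to inspect. A missing id yields ``False``
            without calling the CLI.

    Returns:
        ``True`` if ``ec2 describe-subnets`` lists any subnet for the VPC,
        otherwise ``False``.
    """
    if not vpc_id:
        # Without this guard the f-string below would filter on the literal
        # text "None" and spend an API call on a VPC that cannot exist.
        return False

    cmd = ['ec2', 'describe-subnets', f'--filters=Name=vpc-id,Values={vpc_id}']
    result = aws_cli.run(cmd, ignore_error=True)
    # Same falsy check as describe_vpc_peering_connection: with
    # ignore_error=True the call presumably can come back empty, and an empty
    # value must not be indexed.
    # NOTE(review): a failed or unauthorised lookup is therefore reported the
    # same way as "no subnets" - confirm that is acceptable for this report.
    return bool(result and result['Subnets'])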
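def describe_internet_gateways(vpc_id=None):
    """Report whether an internet gateway is attached to the given VPC.

    Args:
        vpc_id: Id of the VPC to inspect. A missing id yields ``False``
            without calling the CLI.

    Returns:
        ``True`` if ``ec2 describe-internet-gateways`` returns any gateway
        whose attachment references the VPC, otherwise ``False``.
    """
    if not vpc_id:
        # An unset id would otherwise be rendered into the filter as "None".
        return False

    cmd = [
        'ec2',
        'describe-internet-gateways',
        f'--filters=Name=attachment.vpc-id,Values={vpc_id}',
    ]
    result = aws_cli.run(cmd, ignore_error=True)
    # Falsy check mirrors describe_vpc_peering_connection; presumably run()
    # can return an empty value when ignore_error=True - confirm in run_common.
    # NOTE(review): a failed lookup is indistinguishable from "no gateway" here.
    return bool(result and result['InternetGateways'])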
def describe_addressed():
    """Report whether ``ec2 describe-addresses`` returns any address.

    The command is issued without a filter, so the answer is not scoped to a
    particular VPC.

    Returns:
        ``True`` if the ``Addresses`` list in the response is non-empty,
        otherwise ``False``.
    """
    listing = aws_cli.run(['ec2', 'describe-addresses'], ignore_error=True)
    # NOTE(review): the response is indexed without a falsy check, unlike
    # describe_vpc_peering_connection - confirm run() cannot return an empty
    # value when ignore_error=True.
    return bool(listing['Addresses'])
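def describe_nat_gateways(vpc_id=None):
    """Report whether the given VPC has a NAT gateway.

    No state filter is applied, so a gateway in any state counts as present.

    Args:
        vpc_id: Id of the VPC to inspect. A missing id yields ``False``
            without calling the CLI.

    Returns:
        ``True`` if ``ec2 describe-nat-gateways`` returns any gateway for the
        VPC; ``False`` if it returns none or the call raises.
    """
    if not vpc_id:
        # An unset id would otherwise be rendered into the filter as "None".
        return False

    # This subcommand takes ``--filter`` (singular), unlike the ``--filters``
    # option used by the other checks in this file.
    cmd = ['ec2', 'describe-nat-gateways', f'--filter=Name=vpc-id,Values={vpc_id}']
    # noinspection PyBroadException
    try:
        result = aws_cli.run(cmd)
        return bool(result['NatGateways'])
    except Exception:
        # Deliberate best-effort kept from the original: any failure of the
        # call, or an unexpected response shape, is reported as "absent".
        return False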
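def describe_eb_route_tables(vpc_id=None):
    """Report whether the given (EB) VPC has at least one route table.

    Presence only: the routes inside the tables are not inspected.

    Args:
        vpc_id: Id of the VPC to inspect. A missing id yields ``False``
            without calling the CLI.

    Returns:
        ``True`` if ``ec2 describe-route-tables`` returns any table for the
        VPC, otherwise ``False``.
    """
    if not vpc_id:
        # An unset id would otherwise be rendered into the filter as "None".
        return False

    cmd = ['ec2', 'describe-route-tables', f'--filters=Name=vpc-id,Values={vpc_id}']
    result = aws_cli.run(cmd, ignore_error=True)
    # Falsy check mirrors describe_vpc_peering_connection; presumably run()
    # can return an empty value when ignore_error=True - confirm in run_common.
    return bool(result and result['RouteTables'])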
def describe_eb_security_groups(vpc_id):
    """Report whether the given (EB) VPC has at least one security group.

    Presence only: the rules of the groups are not inspected, so ``True``
    says nothing about how permissive they are.

    Args:
        vpc_id: Id of the VPC to inspect; a falsy id short-circuits to ``False``.

    Returns:
        ``True`` if ``ec2 describe-security-groups`` returns any group for the
        VPC, otherwise ``False``.
    """
    if vpc_id:
        cmd = [
            'ec2',
            'describe-security-groups',
            f'--filters=Name=vpc-id,Values={vpc_id}',
        ]
        found = aws_cli.run(cmd, ignore_error=True)
        # NOTE(review): indexed without a falsy check, unlike
        # describe_vpc_peering_connection - confirm run() cannot return an
        # empty value when ignore_error=True.
        return bool(found['SecurityGroups'])
    return False
def describe_rds_vpc():
    """Look up the RDS VPC id.

    Returns:
        The first value of the pair returned by ``aws_cli.get_vpc_id()``,
        or ``False`` when that value is ``None``.
    """
    # get_vpc_id() yields (rds_vpc_id, eb_vpc_id); only the first is needed here.
    vpc_id, _ = aws_cli.get_vpc_id()
    if vpc_id is not None:
        return vpc_id
    return False
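def describe_rds_subnets(vpc_id=None):
    """Report whether any DB subnet group belongs to the given VPC.

    Args:
        vpc_id: Id of the VPC to match against each group's ``VpcId``. A
            missing id yields ``False`` without calling the CLI.

    Returns:
        ``True`` if ``rds describe-db-subnet-groups`` returns a group whose
        ``VpcId`` equals *vpc_id*, otherwise ``False``.
    """
    if not vpc_id:
        # Nothing can match an unset id, so skip the API call entirely.
        return False

    result = aws_cli.run(['rds', 'describe-db-subnet-groups'], ignore_error=True)
    if not result:
        # Falsy check mirrors describe_vpc_peering_connection; presumably
        # run() can return an empty value when ignore_error=True.
        # NOTE(review): a failed lookup is reported the same as "no group".
        return False

    # The command is unfiltered, so the VPC match is done client-side.
    return any(group['VpcId'] == vpc_id for group in result['DBSubnetGroups'])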
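def describe_rds_route_tables(vpc_id=None):
    """Report whether the given (RDS) VPC has at least one route table.

    Presence only: the routes inside the tables are not inspected.

    Args:
        vpc_id: Id of the VPC to inspect. A missing id yields ``False``
            without calling the CLI.

    Returns:
        ``True`` if ``ec2 describe-route-tables`` returns any table for the
        VPC, otherwise ``False``.
    """
    if not vpc_id:
        # An unset id would otherwise be rendered into the filter as "None".
        return False

    cmd = ['ec2', 'describe-route-tables']
    cmd.append(f'--filters=Name=vpc-id,Values={vpc_id}')
    result = aws_cli.run(cmd, ignore_error=True)
    if not result:
        # Falsy check mirrors describe_vpc_peering_connection; presumably
        # run() can return an empty value when ignore_error=True.
        return False
    return bool(result['RouteTables'])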
def describe_rds_security_groups(vpc_id):
    """Report whether the given (RDS) VPC has at least one security group.

    Presence only: the rules of the groups are not inspected, so ``True``
    says nothing about which sources may reach the database.

    Args:
        vpc_id: Id of the VPC to inspect; a falsy id short-circuits to ``False``.

    Returns:
        ``True`` if ``ec2 describe-security-groups`` returns any group for the
        VPC, otherwise ``False``.
    """
    if not vpc_id:
        return False

    vpc_filter = f'--filters=Name=vpc-id,Values={vpc_id}'
    response = aws_cli.run(['ec2', 'describe-security-groups', vpc_filter], ignore_error=True)
    # NOTE(review): indexed without a falsy check, unlike
    # describe_vpc_peering_connection - confirm run() cannot return an empty
    # value when ignore_error=True.
    groups = response['SecurityGroups']
    return True if groups else False
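def describe_vpc_peering_connection(vpc_id_1, vpc_id_2):
    """Report whether a peering connection exists between two VPCs.

    Only one direction is checked: *vpc_id_1* as accepter and *vpc_id_2* as
    requester. No status filter is applied, so a connection in any state
    counts as present.

    Args:
        vpc_id_1: Id of the accepter VPC.
        vpc_id_2: Id of the requester VPC.

    Returns:
        ``True`` if ``ec2 describe-vpc-peering-connections`` returns any
        connection matching both filters; ``False`` if it returns none, the
        call comes back empty, or either id is missing.
    """
    if not vpc_id_1 or not vpc_id_2:
        # An unset id would otherwise be rendered into the filter as "None".
        return False

    # Each filter is passed as its own argument: the CLI shorthand separates
    # filter structures with spaces, whereas a comma-joined string repeats the
    # Name/Values keys inside a single structure.
    cmd = [
        'ec2',
        'describe-vpc-peering-connections',
        '--filters',
        f'Name=accepter-vpc-info.vpc-id,Values={vpc_id_1}',
        f'Name=requester-vpc-info.vpc-id,Values={vpc_id_2}',
    ]
    result = aws_cli.run(cmd, ignore_error=True)
    # NOTE(review): with ignore_error=True a failed lookup is reported the
    # same way as "no peering connection".
    return bool(result and result['VpcPeeringConnections'])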
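def _status_mark(present):
    """Return the report symbol: 'O' when *present* is truthy, otherwise 'X'."""
    return 'O' if present else 'X'


def _print_report(rows):
    """Print ``[label, mark]`` rows between two 80-character '#' rulers."""
    print('#' * 80)
    for label, mark in rows:
        print(f'{label:25} -------------- {mark}')
    print('#' * 80)


if __name__ == "__main__":
    from run_common import parse_args

    parse_args()

    # NOTE(review): 'X' means a check returned nothing. The helpers run the CLI
    # with ignore_error=True (or swallow exceptions), so a failed or
    # unauthorised call presumably also shows as 'X' - treat 'X' as
    # "not confirmed present", not as proof of absence.

    # Resolve the EB VPC id with a single lookup; the original called
    # describe_eb_vpc() twice (once to test, once to fetch).
    current_eb_vpc_id = describe_eb_vpc() or None

    # List elements are evaluated top to bottom, so the checks still run in
    # the original order.
    results = [
        ['EC2 VPC', _status_mark(current_eb_vpc_id)],
        ['EC2 Subnets', _status_mark(describe_eb_subnets(current_eb_vpc_id))],
        ['EC2 Internet Gateway', _status_mark(describe_internet_gateways(current_eb_vpc_id))],
        ['EC2 EIP', _status_mark(describe_addressed())],
        ['EC2 Nat Gateway', _status_mark(describe_nat_gateways(current_eb_vpc_id))],
        ['EC2 Route', _status_mark(describe_eb_route_tables(current_eb_vpc_id))],
        ['EC2 Security Group', _status_mark(describe_eb_security_groups(current_eb_vpc_id))],
    ]
    _print_report(results)

    # Same single-lookup treatment for the RDS VPC.
    current_rds_vpc_id = describe_rds_vpc() or None

    results = [
        ['RDS VPC', _status_mark(current_rds_vpc_id)],
        ['RDS Subnets', _status_mark(describe_rds_subnets(current_rds_vpc_id))],
        ['RDS Route', _status_mark(describe_rds_route_tables(current_rds_vpc_id))],
        ['RDS Security Group', _status_mark(describe_rds_security_groups(current_rds_vpc_id))],
        [
            'VPC Peering Connection',
            _status_mark(describe_vpc_peering_connection(current_eb_vpc_id, current_rds_vpc_id)),
        ],
    ]
    _print_report(results)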