diff --git a/secdep.py b/secdep.py
index bb197ef..e944f0a 100755
--- a/secdep.py
+++ b/secdep.py
@@ -62,15 +62,15 @@ parser.add_argument('-x', '--start', help='Start an instance', action='store_tru
 parser.add_argument('-z', '--stop', help='Stop an instance', action='store_true')
 parser.add_argument('-r', '--reboot', help='Reboot an instance', action='store_true')
 parser.add_argument('-f', '--file', help='File to run on an instance', type=str, default=None, required=False)
-parser.add_argument('-p', '--listimages', help='List images', action='store_true')
-parser.add_argument('-q', '--listsizes', help='List sizes', action='store_true')
+parser.add_argument('-I', '--listimages', help='List images', action='store_true')
+parser.add_argument('-S', '--listsizes', help='List sizes', action='store_true')
 parser.add_argument('-G', '--listlocations', help='List locations', action='store_true')
 parser.add_argument('-i', '--image', help='Image to use')
 parser.add_argument('-s', '--size', help='Size of instance')
 parser.add_argument('-n', '--name', help='Name of instance')
 parser.add_argument('-g', '--region', help='Region to use')
 parser.add_argument('-y', '--yes', help='Do not ask for confirmation', action='store_true')
-parser.add_argument('-k', '--print', help='Also print image, location or size', action='store_true')
+parser.add_argument('-p', '--print', help='Also print image, location or size', action='store_true')
 args = parser.parse_args()
 if not os.path.exists(SECDEP_SSH_PUBLIC_KEY) or not os.path.exists(SECDEP_SSH_PRIVATE_KEY):
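Review bot: Reassigning `-p` from `--listimages` to `--print` changes the meaning of an existing short flag instead of retiring it, so an old invocation that used `-p` to list images still parses without error and now only sets `args.print`. Either keep `--print` on `-k`, which this change frees anyway, or call out the break in the help text, e.g. `help='Also print image, location or size (was -k; -p no longer lists images)'`. The `-I` and `-S` renames do not have this problem because neither letter was in use in the visible argument list.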
@@ -106,9 +106,8 @@ if not os.path.exists(ENV_FILE):
 # 7) SECDEP_AZURE_PASSWORD
 # 8) SECDEP_AZURE_RESOURCE_GROUP
 # 9) SECDEP_AZURE_VIRTUAL_NETWORK
-# 10 SECDEP_AZURE_STORAGE_ACCOUNT
-# 11) SECDEP_AWS_ACCESS_KEY
-# 12) SECDEP_AWS_SECRET_KEY
+# 10) SECDEP_AWS_ACCESS_KEY
+# 11) SECDEP_AWS_SECRET_KEY
 # For GCE we need to create a service account (with Owner Role from the IAM section) and download the json file (from
 # the Service Account's manage keys section) in the same directory as the script
@@ -159,10 +158,6 @@ with open(ENV_FILE, 'r') as f:
 SECDEP_AZURE_VIRTUAL_NETWORK = input("Enter your AZURE_VIRTUAL_NETWORK: ")
 with open(ENV_FILE, 'a') as f:
 f.write('SECDEP_AZURE_VIRTUAL_NETWORK={}\n'.format(SECDEP_AZURE_VIRTUAL_NETWORK))
- if 'SECDEP_AZURE_STORAGE_ACCOUNT' not in env_file_content:
- SECDEP_AZURE_STORAGE_ACCOUNT = input("Enter your AZURE_STORAGE_ACCOUNT: ")
- with open(ENV_FILE, 'a') as f:
- f.write('SECDEP_AZURE_STORAGE_ACCOUNT={}\n'.format(SECDEP_AZURE_STORAGE_ACCOUNT))
 if 'SECDEP_AWS_ACCESS_KEY' not in env_file_content:
 SECDEP_AWS_ACCESS_KEY = input("Enter your AWS_ACCESS_KEY: ")
 with open(ENV_FILE, 'a') as f:
@@ -196,7 +191,6 @@ def get_env_vars():
 global SECDEP_AZURE_PASSWORD
 global SECDEP_AZURE_RESOURCE_GROUP
 global SECDEP_AZURE_VIRTUAL_NETWORK
- global SECDEP_AZURE_STORAGE_ACCOUNT
 global SECDEP_AWS_ACCESS_KEY
 global SECDEP_AWS_SECRET_KEY
 # GCE
@@ -214,7 +208,6 @@ def get_env_vars():
 SECDEP_AZURE_PASSWORD = os.getenv('SECDEP_AZURE_PASSWORD')
 SECDEP_AZURE_RESOURCE_GROUP = os.getenv('SECDEP_AZURE_RESOURCE_GROUP')
 SECDEP_AZURE_VIRTUAL_NETWORK = os.getenv('SECDEP_AZURE_VIRTUAL_NETWORK')
- SECDEP_AZURE_STORAGE_ACCOUNT = os.getenv('SECDEP_AZURE_STORAGE_ACCOUNT')
 # AWS
 SECDEP_AWS_ACCESS_KEY = os.getenv('SECDEP_AWS_ACCESS_KEY')
 SECDEP_AWS_SECRET_KEY = os.getenv('SECDEP_AWS_SECRET_KEY')
@@ -970,6 +963,17 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
 if provider == "gce":
 node = driver.create_node(name=name, image=image, size=size, location=location, ex_service_accounts=sa_scopes, ex_metadata=metadata)
 elif provider == "azure":
+ # sec_groups = driver.ex_list_network_security_groups(SECDEP_AZURE_RESOURCE_GROUP)
+ # for sec_group in sec_groups:
+ # if sec_group.name == name+"-sec_group":
+ # print("A security group with that name already exists, please try a different virtual machine name to differentiate the security group name")
+ # exit(0)
+ # ips = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)
+ # for ip in ips:
+ # if ip.name == name+"-ip":
+ # print("An ip with that name already exists, please try a different virtual machine name to differentiate the ip name")
+ # exit(0)
+ # driver.ex_create_network_security_group(name=name+"-sec_group", resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
 networks = driver.ex_list_networks()
 for network in networks:
 if network.name == SECDEP_AZURE_VIRTUAL_NETWORK:
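Review bot: The eleven lines added to this azure branch are commented-out code, and the same block is repeated in the second azure branch (hunk at -1018), with a matching commented-out cleanup block added to delete_node and delete_all_nodes. Dead code in four places is hard to keep in sync and hides the fact that no network security group is created for the node. I would drop the blocks from the commit and leave one line such as `# TODO: create a per-node NSG and public IP (and delete them in delete_node)`. If the checks are revived, the name-collision paths should end with a non-zero status (`exit(1)`) instead of `exit(0)`, so callers can tell that no node was created. create_node starts and ends outside the hunk.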
@@ -983,8 +987,10 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
 print('Current virtual network\'s location: %s' % (ex_network.location))
 exit(0)
 subnet = driver.ex_list_subnets(network=ex_network)[0]
- network_interface = driver.ex_create_network_interface(name=name, subnet=subnet, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
- node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=SECDEP_AZURE_RESOURCE_GROUP, ex_storage_account=SECDEP_AZURE_STORAGE_ACCOUNT, ex_nic=network_interface, ex_os_disk_delete=True)
+ # public_ip = driver.ex_create_public_ip(name=name+"-ip", resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location, public_ip_allocation_method="Static")
+ print(public_ip = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP))
+ network_interface = driver.ex_create_network_interface(name=name+"-nic", subnet=subnet, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location, public_ip=public_ip)
+ node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=SECDEP_AZURE_RESOURCE_GROUP, ex_use_managed_disks=True, ex_nic=network_interface, ex_os_disk_delete=True)
 else:
 keys = driver.list_key_pairs()
 for key in keys:
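Review bot: `print(public_ip = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP))` passes `public_ip` to `print` as a keyword argument, which raises TypeError, so this azure branch fails before the network interface is created. The line also never binds `public_ip`, which the following `ex_create_network_interface(..., public_ip=public_ip)` call needs. It looks like leftover debugging; the second copy of this branch (hunk at -1031) has the assignment form `public_ip = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)[0]`, and the two copies should agree, ideally by sharing one helper. create_node starts and ends outside the hunk.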
@@ -1018,6 +1024,17 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
 if provider == "gce":
 node = driver.create_node(name=name, image=image, size=size, location=location, ex_service_accounts=sa_scopes, ex_metadata=metadata)
 elif provider == "azure":
+ # sec_groups = driver.ex_list_network_security_groups(SECDEP_AZURE_RESOURCE_GROUP)
+ # for sec_group in sec_groups:
+ # if sec_group.name == name+"-sec_group":
+ # print("A security group with that name already exists, please try a different virtual machine name to differentiate the security group name")
+ # exit(0)
+ # ips = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)
+ # for ip in ips:
+ # if ip.name == name+"-ip":
+ # print("An ip with that name already exists, please try a different virtual machine name to differentiate the ip name")
+ # exit(0)
+ # driver.ex_create_network_security_group(name=name+"-sec_group", resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
 networks = driver.ex_list_networks()
 for network in networks:
 if network.name == SECDEP_AZURE_VIRTUAL_NETWORK:
@@ -1031,8 +1048,10 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
 print('Current virtual network\'s location: %s' % (ex_network.location))
 exit(0)
 subnet = driver.ex_list_subnets(network=ex_network)[0]
- network_interface = driver.ex_create_network_interface(name=name, subnet=subnet, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
- node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=SECDEP_AZURE_RESOURCE_GROUP, ex_storage_account=SECDEP_AZURE_STORAGE_ACCOUNT, ex_nic=network_interface, ex_os_disk_delete=True)
+ # public_ip = driver.ex_create_public_ip(name=name+"-ip", resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location, public_ip_allocation_method="Static")
+ public_ip = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)[0]
+ network_interface = driver.ex_create_network_interface(name=name+"-nic", subnet=subnet, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location, public_ip=public_ip)
+ node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=SECDEP_AZURE_RESOURCE_GROUP, ex_use_managed_disks=True, ex_nic=network_interface, ex_os_disk_delete=True)
 else:
 keys = driver.list_key_pairs()
 for key in keys:
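Review bot: `driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)[0]` attaches whichever public IP is listed first in the resource group, not one created for this node. It raises IndexError when the group has no address, and it may select one that is already bound to another machine's interface. Because the security-group creation is left commented out in this commit, the new NIC gets an internet-facing address with no inbound filtering set up by this script. What is reachable then presumably depends on rules already present on the subnet and on the address SKU, which is worth confirming before merge. Allocating a per-node address as in the commented line (`ex_create_public_ip(name=name+"-ip", ...)`) and exiting with a clear message when none can be obtained would make the exposure explicit.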
@@ -1073,18 +1092,21 @@ def list_all_nodes(filterOut=None):
 print("Getting all nodes...")
 nodes = []
 if SECDEP_GCE_CLIENT_ID != "":
+ print("Getting GCE nodes...")
 driver = get_corresponding_driver("gce")
 gceNodes = driver.list_nodes()
 if len(gceNodes) > 0:
 for node in gceNodes:
 nodes.append(node)
 if SECDEP_AZURE_APP_ID != "":
+ print("Getting AZURE nodes...")
 driver2 = get_corresponding_driver("azure")
 azureNodes = driver2.list_nodes()
 if len(azureNodes) > 0:
 for node in azureNodes:
 nodes.append(node)
 if SECDEP_AWS_ACCESS_KEY != "":
+ print("Getting AWS nodes...")
 awsLocations = ["ap-northeast-1", "ap-northeast-2", "ap-northeast-3", "ap-south-1", "ap-southeast-1", "ap-southeast-2", "ca-central-1", "eu-central-1", "eu-north-1", "eu-west-1", "eu-west-2", "eu-west-3", "sa-east-1", "us-east-1", "us-east-2", "us-west-1", "us-west-2"]
 for region in awsLocations:
 driver3 = get_driver(Provider.EC2)(SECDEP_AWS_ACCESS_KEY, SECDEP_AWS_SECRET_KEY,region=region)
@@ -1127,6 +1149,23 @@ def delete_node():
 print("%s node deleted successfully" % (providerName.upper()))
 else:
 print("%s node could not be deleted" % (providerName.upper()))
+ # if providerName == "azure":
+ # driver = get_corresponding_driver("azure")
+ # node_location = node.extra['location']
+ # locations = driver.list_locations()
+ # for loc in locations:
+ # if loc.id == node_location:
+ # location = loc
+ # break
+ # sec_groups = driver.ex_list_network_security_groups(SECDEP_AZURE_RESOURCE_GROUP)
+ # for sec_group in sec_groups:
+ # if sec_group.name == node.name+"-sec_group":
+ # driver.ex_delete_network_security_group(name=sec_group.name, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
+ # ips = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)
+ # for ip in ips:
+ # if ip.name == node.name+"-ip":
+ # driver.ex_delete_public_ip(ip)
+
 def delete_all_nodes():
 nodes = list_all_nodes("terminated")
@@ -1145,23 +1184,39 @@ def delete_all_nodes():
 print("%s node deleted successfully" % (node.name))
 else:
 print("%s node could not be deleted" % (node.name))
+ # if providerName == "azure":
+ # driver = get_corresponding_driver("azure")
+ # node_location = node.extra['location']
+ # locations = driver.list_locations()
+ # for loc in locations:
+ # if loc.id == node_location:
+ # location = loc
+ # break
+ # sec_groups = driver.ex_list_network_security_groups(SECDEP_AZURE_RESOURCE_GROUP)
+ # for sec_group in sec_groups:
+ # if sec_group.name == node.name+"-sec_group":
+ # driver.ex_delete_network_security_group(name=sec_group.name, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
+ # ips = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)
+ # for ip in ips:
+ # if ip.name == node.name+"-ip":
+ # driver.ex_delete_public_ip(ip)
-# If -p -q or -G is passed, provider must be passed as well
+# If -I -S or -G is passed, provider must be passed as well
 if args.listimages or args.listsizes or args.listlocations:
 assert args.provider is not None, "Provider must be passed if listing images, sizes or locations"
 # If -v or --values is passed, call the update_env_file function
 if args.values:
 update_env_file()
 if args.listimages and args.provider:
- # If -p or --listimages is passed, call the list_provider_images function
+ # If -I or --listimages is passed, call the list_provider_images function
 if args.print:
 print(get_provider_image(args.provider))
 else:
 list_provider_images(args.provider)
 exit(0)
 if args.listsizes and args.provider:
- # If -q or --listsizes is passed, call the list_provider_sizes function
+ # If -S or --listsizes is passed, call the list_provider_sizes function
 if args.print:
 print(get_provider_size(args.provider))
 else: