jameslavender
/
gists
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Add script to copy security groups across accounts

master
lavenderguitar 2 years ago
parent
69b5be11c0
commit
da69111cfd
1 changed files with 37 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 37
      copy_security_groups.py

37
copy_security_groups.py
View File

@ -0,0 +1,37 @@
import boto3
# Source AWS profile and security group information
source_profile_name = "SOURCE_PROFILE_NAME"
source_region_name = "SOURCE_REGION_NAME"
source_security_group_id = "SOURCE_SECURITY_GROUP_ID"
# Destination AWS profile and VPC information
destination_profile_name = "DESTINATION_PROFILE_NAME"
destination_region_name = "DESTINATION_REGION_NAME"
destination_vpc_id = "DESTINATION_VPC_ID"
# Create boto3 sessions for source and destination AWS profiles
source_session = boto3.Session(profile_name=source_profile_name, region_name=source_region_name)
destination_session = boto3.Session(profile_name=destination_profile_name, region_name=destination_region_name)
# Create boto3 clients for source and destination AWS accounts
source_ec2 = source_session.client('ec2')
destination_ec2 = destination_session.client('ec2')
# Retrieve source security group information
response = source_ec2.describe_security_groups(GroupIds=[source_security_group_id])
# Create a new security group in the destination VPC with the same name as the source security group
new_security_group = destination_ec2.create_security_group(GroupName=response['SecurityGroups'][0]['GroupName'],
Description=response['SecurityGroups'][0]['Description'],
VpcId=destination_vpc_id)
# Add the inbound and outbound rules from the source security group to the new security group
for ip_permission in response['SecurityGroups'][0]['IpPermissions']:
destination_ec2.authorize_security_group_ingress(GroupId=new_security_group['GroupId'],
IpPermissions=[ip_permission])
for ip_permission in response['SecurityGroups'][0]['IpPermissionsEgress']:
destination_ec2.authorize_security_group_egress(GroupId=new_security_group['GroupId'],
IpPermissions=[ip_permission])
print("Security group copied successfully!")
Write Preview
Loading…
Cancel
Save