This script only adds and updates security group rules, so it assumes that a security group has already been assigned to the target.
It uses `my_token.txt` and `my_ip.txt`.

set_acl.py
#!/usr/bin/env python
import requests
import json
import os
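class set_rule():
    """Keep one ingress rule for the caller's current IP in a security group.

    All requests go to the networking endpoint in ``API_URL``. State is kept
    in plain files in the current working directory:

    * ``my_ip.txt``      - address to allow (read)
    * ``my_token.txt``   - API token sent as ``X-Auth-Token`` (read)
    * ``my_rule.txt``    - id of the rule created by the last run (read/write)
    * ``rule_data.json`` - raw body of the last create response (write)

    ``my_token.txt`` holds a bearer credential, so it should be readable by
    the owning user only. ``print(...)`` is always called with a single
    string so the output is the same on Python 2 and Python 3.
    """

    API_URL = 'https://networking.tyo1.conoha.io/v2.0/security-group-rules'
    # Bound every HTTP call so an unattended batch run cannot hang forever.
    REQUEST_TIMEOUT = 30

    def __init__(self):  # Initialization
        # Bind the defaults to the instance; bare names here would be locals
        # that vanish when __init__ returns.
        self.my_ip = ""
        self.my_token = ""
        self.my_rule = ""

    @staticmethod
    def _is_single_ipv4(text):
        """Return True if *text* is one dotted-quad IPv4 host, optionally ``/32``."""
        if text.endswith('/32'):
            text = text[:-3]
        octets = text.split('.')
        if len(octets) != 4:
            return False
        for octet in octets:
            # strip() leaves '' only when every character is an ASCII digit.
            if not octet or len(octet) > 3 or octet.strip('0123456789'):
                return False
            if int(octet) > 255:
                return False
        return True

    def set_data(self, rule):  # Set of security group ID, token, current IP
        """Load the group id, the address to allow and the API token.

        Args:
            rule: id of the security group the rule will be added to.

        Raises:
            IOError/OSError: ``my_ip.txt`` or ``my_token.txt`` cannot be read.
            ValueError: ``my_ip.txt`` is not a single IPv4 host address.
        """
        self.my_rule = rule
        # Trailing newlines are stripped: they would otherwise end up inside
        # the JSON body and the X-Auth-Token header.
        with open('my_ip.txt', 'r') as f:
            candidate = f.read().strip()
        with open('my_token.txt', 'r') as f:
            self.my_token = f.read().strip()
        # The address becomes an ingress allow rule, so anything that is not
        # exactly one host (garbage, a wide prefix such as 0.0.0.0/0) is
        # refused here instead of being forwarded to the API.
        if not self._is_single_ipv4(candidate):
            raise ValueError("my_ip.txt does not hold a single IPv4 address")
        self.my_ip = candidate

    def remove(self):  # Delete old registration information
        """Delete the rule recorded in ``my_rule.txt`` by the previous run.

        Best effort: a failed delete is reported on stdout but not raised.
        A failed delete means the previously allowed address may still be
        allowed, so the ``delete_rule_failed`` line is worth alerting on.
        """
        if not os.path.exists("./my_rule.txt"):  # Do not delete if the file does not exist
            print("no_rule_data")
            return
        with open('my_rule.txt', 'r') as f:
            rule_id = f.read().strip()
        if not rule_id:
            # An empty id would address the rule collection, not one rule.
            print("no_rule_data")
            return
        headers = {'Accept': 'application/json', 'X-Auth-Token': self.my_token}
        r = requests.delete(self.API_URL + '/' + rule_id, headers=headers,
                            timeout=self.REQUEST_TIMEOUT)
        if not r.ok:
            print("delete_rule_failed status=" + str(r.status_code))
        print("delete_rule_data=" + rule_id)

    def set_ip(self):  # Add rule to security group Setting to allow tcp communication from external specified IP, no port restriction
        """Create the ingress rule for ``self.my_ip`` and record its id.

        The rule allows TCP on every port from that address.
        NOTE(review): if only one service is needed, narrow the rule; the API
        presumably accepts port_range_min/port_range_max - confirm against
        the provider's documentation.

        Raises:
            RuntimeError: the API did not answer with a success status; the
                response body is still saved to ``rule_data.json``.
        """
        headers = {'Accept': 'application/json', 'X-Auth-Token': self.my_token}
        payload = {
            "security_group_rule": {
                "direction": "ingress",
                "ethertype": "IPv4",
                "security_group_id": self.my_rule,
                "protocol": "tcp",
                "remote_ip_prefix": self.my_ip,
            }
        }
        r = requests.post(self.API_URL, data=json.dumps(payload),
                          headers=headers, timeout=self.REQUEST_TIMEOUT)
        # Keep the raw response on disk, as before, for troubleshooting.
        with open('rule_data.json', 'w') as f:
            f.write(r.text)
        if not r.ok:
            raise RuntimeError("security group rule was not created (HTTP "
                               + str(r.status_code) + "); see rule_data.json")
        rule_id = json.loads(r.text)["security_group_rule"]["id"]
        with open('my_rule.txt', 'w') as f:  # Record rule ID
            f.write(rule_id)
        print("set_rule=" + rule_id)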
def set_rule_main(group):  # Main processing
    """Refresh the allow rule in the security group *group*.

    Runs the three steps of ``set_rule`` in a fixed order: ``set_data()``
    loads the inputs, ``remove()`` drops the rule recorded by the previous
    run, and ``set_ip()`` creates the replacement.

    NOTE(review): the old rule is removed before the new one exists, so if
    ``set_ip()`` fails the group is left without the allow rule.
    """
    updater = set_rule()
    updater.set_data(group)
    updater.remove()
    updater.set_ip()
if __name__ == "__main__":
    # The argument is a placeholder: put the real security group ID here
    # before running this file directly.
    set_rule_main("Security group ID")
If you only want to update the rule, import the Get Token script, the Get IP script, and this script, and use them together for batch processing.
set_acl_main.py
#!/usr/bin/env python
import os

import get_token
import ip
import set_acl
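# Service queried by ip.ip_get() to learn this host's public address.
# NOTE(review): the URL is plain HTTP, so the reply is neither encrypted nor
# authenticated. Presumably the address obtained here is the one that
# set_acl later allows in the security group (confirm in ip.py); if so,
# prefer an HTTPS endpoint you trust and validate the returned address.
get_ip_url = "http://www.axisnetworks.biz/tools/gip/"

# API credentials and target identifiers. Each value is taken from the
# environment when the variable is set, so the real secrets do not have to be
# stored in this file; the original placeholders remain the fallback.
user = os.environ.get('CONOHA_API_USER', 'XXXXXX')
key = os.environ.get('CONOHA_API_KEY', 'XXXXXX')
tenantId = os.environ.get('CONOHA_TENANT_ID', 'XXXXXXX')
security_group = os.environ.get('CONOHA_SECURITY_GROUP', "XXXXXXXXX")

if __name__ == '__main__':
    # Fixed order: look up the current address, obtain a token, then update
    # the rule. Presumably the first two steps leave their results in the
    # files set_acl reads - confirm in ip.py and get_token.py.
    ip.ip_get(get_ip_url)
    get_token.token_get_main(user, key, tenantId)
    set_acl.set_rule_main(security_group)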
I had registered my home IP in the ACL, but the IP changed whenever my home router restarted, and resetting it each time was a hassle, so I wrote this script. Since I recently switched to a different line, however, it is hardly needed anymore.