import logging
import boto3
import urllib3
from botocore.exceptions import ClientError
# Module-level placeholders only; inside ``lambda_handler`` the handler's own
# ``event``/``context`` parameters shadow these names.
event = {}
context = {}

# Root logger, configured once at module load so every invocation logs at INFO.
logger = logging.getLogger()
logger.setLevel(logging.INFO)

# EC2 resource (ENI lookups) and low-level client (route-table calls), both
# created once at import time rather than per invocation.
ec2 = boto3.resource('ec2')
ec2_client = boto3.client('ec2')
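def lambda_handler(event: dict, context) -> None:
    """Fail over VPC routes from the dead ENI pair to the surviving pair.

    Expected ``event`` keys (all strings):

    * ``trustgood`` / ``trustdead``: surviving and failed trust-side ENI ids.
    * ``untrustgood`` / ``untrustdead``: surviving and failed untrust-side
      ENI ids.
    * ``vpcid``: the VPC whose route tables are rewritten.

    Flow:

    1. Resolve the private IP of ``trustgood`` and probe it over HTTP; any
       request error or a status other than 200/302 aborts the failover, so
       traffic is never moved onto an unproven path.
    2. Walk every route table in ``vpcid`` (all pages) and replace the next
       hop of each route that points at a dead ENI with the matching good ENI.

    Every matching route is attempted even if one replacement fails; the
    first ``botocore.exceptions.ClientError`` is re-raised at the end so the
    invocation is still reported as failed.  Raises ``KeyError`` when a
    required event key is missing.  ``context`` is unused.

    NOTE(review): the ENI and VPC ids are taken from the event as-is and
    passed straight to EC2 mutating calls, so whoever can invoke this
    function chooses which routes get rewritten; keep the invoke permission
    and the event source tightly scoped.
    """
    good_ip = ec2.NetworkInterface(event['trustgood']).private_ip_address
    logger.info("eniinfo var %s", good_ip)

    if not _path_is_healthy(good_ip):
        return

    # describe_route_tables is paginated; a plain call would silently drop
    # tables beyond the first page.
    paginator = ec2_client.get_paginator('describe_route_tables')
    pages = paginator.paginate(
        Filters=[{'Name': 'vpc-id', 'Values': [event['vpcid']]}],
    )
    tables = [table for page in pages for table in page.get('RouteTables', [])]
    if not tables:
        logger.info('No routes to process')
        return

    errors: list[ClientError] = []
    for table in tables:
        table_id = table['RouteTableId']
        for route in table['Routes']:
            new_eni = _replacement_eni(route.get('NetworkInterfaceId'), event)
            if new_eni is None:
                continue
            error = _replace_next_hop(table_id, route, new_eni)
            if error is not None:
                errors.append(error)

    if errors:
        # All routes were attempted; surface the first failure so the Lambda
        # invocation does not report success for a partial failover.
        raise errors[0]


def _path_is_healthy(ip_address: str) -> bool:
    """Probe ``http://<ip_address>`` and report whether the path is usable.

    A 200 or 302 response counts as healthy; any other status, a timeout or
    a connection error counts as unhealthy.  Outcomes are logged with the
    same markers the original handler used.
    """
    http = urllib3.PoolManager()
    url = 'http://' + ip_address
    try:
        # The Host header targets the checked site; the TCP connection itself
        # goes to the private IP, which is what proves the path.
        response = http.request(
            'GET', url,
            headers={'Host': 'checkip.amazonaws.com'},
            timeout=5.0,
            retries=1,
        )
    except Exception:
        # Narrower than a bare ``except:`` (which also swallowed SystemExit /
        # KeyboardInterrupt) and records the actual cause of the failure.
        logger.exception("*****path check failed*****")
        return False

    if response.status == 200:
        logger.info("*****Path 200OK*****")
        return True
    if response.status == 302:
        # A redirect is accepted: only reachability, not page content, is tested.
        logger.info("*****Site Redirected*****")
        return True
    logger.info("*****Site NOT 200OK*****")
    return False


def _replacement_eni(current_eni: str | None, event: dict) -> str | None:
    """Return the good ENI that should replace *current_eni*, or ``None``.

    The untrust pair is checked before the trust pair, preserving the
    original if/elif order.  ``None`` input (route without a
    NetworkInterfaceId) never matches.
    """
    if current_eni is None:
        return None
    if current_eni == event['untrustdead']:
        return event['untrustgood']
    if current_eni == event['trustdead']:
        return event['trustgood']
    return None


def _replace_next_hop(table_id: str, route: dict, new_eni: str) -> ClientError | None:
    """Point *route* (in *table_id*) at *new_eni* via ``replace_route``.

    Handles IPv4 CIDR, IPv6 CIDR and prefix-list destinations by forwarding
    whichever destination key the route carries.  Returns ``None`` on
    success, or the ``ClientError`` raised by EC2 (already logged) so the
    caller can continue with the remaining routes.
    """
    destination = {
        key: route[key]
        for key in ('DestinationCidrBlock', 'DestinationIpv6CidrBlock', 'DestinationPrefixListId')
        if key in route
    }
    if not destination:
        logger.info("Skipping route in %s with no recognised destination: %s", table_id, route)
        return None
    dest_value = next(iter(destination.values()))

    try:
        response = ec2_client.replace_route(
            RouteTableId=table_id,
            DryRun=False,
            NetworkInterfaceId=new_eni,
            **destination,
        )
    except ClientError as err:
        logger.exception("replace_route failed for %s in route table %s", dest_value, table_id)
        return err

    logger.info(
        "Success! Changing %s route next hop to %s in route table %s .... response %s",
        dest_value, new_eni, table_id, response,
    )
    return None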