Perform preliminary infrastructure check by deriving EC2 instance ID from demo app URL, checking instance state, and verifying security group access for port 81

import json import socket import boto3 from urllib.parse import urlparse # Parse the demo app URL to extract hostname parsed_url = urlparse(demo_app_url) hostname = parsed_url.hostname print(f"Extracting IP from hostname: {hostname}") # Perform DNS lookup to get IP address try: instance_ip = socket.gethostbyname(hostname) print(f"Resolved IP address: {instance_ip}") except socket.gaierror as e: print(f"DNS resolution failed: {e}") instance_ip = None ec2_instance_id = None instance_state = "unknown" port_81_accessible = False security_group_details = {"group_ids": [], "port_81_rules": [], "all_inbound_rules": []} preliminary_check_passed = False else: # Initialize AWS EC2 client aws_access_key = getEnvVar("READONLY_AWS_ACCESS_KEY_ID") aws_secret_key = getEnvVar("READONLY_AWS_SECRET_ACCESS_KEY") ec2_client = boto3.client( 'ec2', region_name='us-west-2', aws_access_key_id=aws_access_key, aws_secret_access_key=aws_secret_key ) # Find EC2 instance by public IP try: response = ec2_client.describe_instances( Filters=[ {'Name': 'ip-address', 'Values': [instance_ip]}, {'Name': 'instance-state-name', 'Values': ['running', 'stopped', 'stopping', 'starting']} ] ) ec2_instance_id = None instance_state = "not_found" for reservation in response['Reservations']: for instance in reservation['Instances']: if instance.get('PublicIpAddress') == instance_ip: ec2_instance_id = instance['InstanceId'] instance_state = instance['State']['Name'] break if ec2_instance_id: break if not ec2_instance_id: print(f"No EC2 instance found with public IP: {instance_ip}") port_81_accessible = False security_group_details = {"group_ids": [], "port_81_rules": [], "all_inbound_rules": []} preliminary_check_passed = False else: print(f"Found EC2 instance: {ec2_instance_id} in state: {instance_state}") # Get security groups for the instance instance_details = ec2_client.describe_instances(InstanceIds=[ec2_instance_id]) security_groups = [] for reservation in instance_details['Reservations']: for instance in reservation['Instances']: security_groups = instance.get('SecurityGroups', []) break security_group_ids = [sg['GroupId'] for sg in security_groups] print(f"Security groups: {security_group_ids}") # Check security group rules for port 81 port_81_rules = [] all_inbound_rules = [] port_81_accessible = False if security_group_ids: sg_response = ec2_client.describe_security_groups(GroupIds=security_group_ids) for sg in sg_response['SecurityGroups']: for rule in sg.get('IpPermissions', []): rule_info = { 'group_id': sg['GroupId'], 'from_port': rule.get('FromPort'), 'to_port': rule.get('ToPort'), 'protocol': rule.get('IpProtocol'), 'cidr_blocks': [ip_range.get('CidrIp') for ip_range in rule.get('IpRanges', [])] } all_inbound_rules.append(rule_info) # Check if rule allows port 81 if (rule.get('IpProtocol') == 'tcp' and rule.get('FromPort') is not None and rule.get('ToPort') is not None and rule.get('FromPort') <= 81 <= rule.get('ToPort')): port_81_rules.append(rule_info) port_81_accessible = True elif rule.get('IpProtocol') == '-1': # All traffic port_81_rules.append(rule_info) port_81_accessible = True security_group_details = { "group_ids": security_group_ids, "port_81_rules": port_81_rules, "all_inbound_rules": all_inbound_rules } # Determine if preliminary check passed preliminary_check_passed = (instance_state == "running" and port_81_accessible) print(f"Port 81 accessible: {port_81_accessible}") print(f"Preliminary check passed: {preliminary_check_passed}") except Exception as e: print(f"Error checking EC2 instance: {e}") ec2_instance_id = None instance_state = "error" port_81_accessible = False security_group_details = {"group_ids": [], "port_81_rules": [], "all_inbound_rules": []} preliminary_check_passed = False # Print all output parameters print(f"ec2_instance_id: {json.dumps(ec2_instance_id, indent=2)}") print(f"instance_state: {json.dumps(instance_state, indent=2)}") print(f"instance_ip: {json.dumps(instance_ip, indent=2)}") print(f"port_81_accessible: {json.dumps(port_81_accessible, indent=2)}") print(f"security_group_details: {json.dumps(security_group_details, indent=2)}") print(f"preliminary_check_passed: {json.dumps(preliminary_check_passed, indent=2)}")