xSYmJ2ECr0PZ9k9aTbFvSecurity group blocked the API request
Security group blocked the API request
Looks at the security groups of the master instances (by their IDs) to check if there are possible port configuration mismatches preventing connectivity.
inputs
outputs
import json
for instance_id in master_instance_ids:
_problem = True
cmd = f"aws ec2 describe-instances --instance-ids {instance_id} --query 'Reservations[*].Instances[*].SecurityGroups[*].GroupId' --output=text"
sg_ids1 = _exe(None, cmd)
print(sg_ids1)
sg_ids = re.split('\s',sg_ids1.strip())
if sg_ids:
for sg_id in sg_ids:
if not sg_id:
continue
cmd1 = 'aws ec2 describe-security-groups --filter Name=group-id,Values='
cmd1+= sg_id
cmd1+= ' --query SecurityGroups[*].IpPermissions[*]'
op = _exe(None, cmd1)
json_op = json.loads(op)
for sg in json_op:
for rule in sg:
if 'FromPort' in rule:
port_lo = int(rule['FromPort'])
port_hi = port_lo
if 'ToPort' in rule:
port_hi = int(rule['ToPort'])
if port >= port_lo and port <= port_hi:
_problem = False
else:
continue
if _problem:
break
if _problem:
context.log("ERROR", "Found problem")
copied