Python 使用boto的AWS DB安全组（捕获异常）

我正在使用boto创建db安全组。我想要这样的东西：

try:
  group = conn.get_all_dbsecurity_groups('{{name}}')
  group[0].authorize({{connection_type}} = '{{details}}')
except boto.exception.BotoServerError as e:
  if (e.status == 400 && e.error_code == 'DBSecurityGroupNotFound'):
    sg = conn.create_dbsecurity_group('{{name}}', '{{description}}')
    sg.authorize({{connection_type}} = '{{details}}')
  else:
    raise;

• 如果db安全组存在，请检查给定规则，如果没有，请使用该规则授权该组
• 如果该组不存在，请创建它，并使用给定的规则授权该组

这是我目前的代码：

import boto.rds
conn = boto.rds.connect_to_region("{{region}}", aws_access_key_id = '{{ keyid }}', aws_secret_access_key = '{{ key }}')

group = conn.get_all_dbsecurity_groups('{{name}}')

if group:
    group[0].authorize({{ connection_type }} = '{{ details }}')
else: 
    sg = conn.create_dbsecurity_group('{{ name }}', '{{ description }}')
    sg.authorize({{ connection_type }} = '{{ details }}')

我得到了以下错误：

DBSecurityGroup未找到

 Traceback (most recent call last):
    File "/usr/local/src/dbgroups.py", line 18, in <module>
        group = conn.get_all_dbsecurity_groups('kdkdkdk')
    File "/usr/local/lib/python2.7/site-packages/boto/rds/__init__.py", line 923, in get_all_dbsecurity_groups
        [('DBSecurityGroup', DBSecurityGroup)])
    File "/usr/local/lib/python2.7/site-packages/boto/connection.py", line 1186, in get_list
        raise self.ResponseError(response.status, response.reason, body)
    boto.exception.BotoServerError: BotoServerError: 404 Not Found
    <ErrorResponse xmlns="http://rds.amazonaws.com/doc/2013-05-15/">
        <Error>
            <Type>Sender</Type>
            <Code>DBSecurityGroupNotFound</Code>
            <Message>DBSecurityGroup dbgrouptesting not found.</Message>
        </Error>
        <RequestId>3b9af082-fe3c-11e4-bd53-e9bc444dcde5</RequestId>
    </ErrorResponse>

授权已存在

Traceback (most recent call last):
    File "/usr/local/src/dbgroups.py", line 24, in <module>
        group[0].authorize(cidr_ip = '0.0.0.0/0')
    File "/usr/local/lib/python2.7/site-packages/boto/rds/dbsecuritygroup.py", line 109, in authorize
        group_owner_id)
    File "/usr/local/lib/python2.7/site-packages/boto/rds/__init__.py", line 995, in authorize_dbsecurity_group
        DBSecurityGroup)
    File "/usr/local/lib/python2.7/site-packages/boto/connection.py", line 1208, in get_object
        raise self.ResponseError(response.status, response.reason, body)
    boto.exception.BotoServerError: BotoServerError: 400 Bad Request
    <ErrorResponse xmlns="http://rds.amazonaws.com/doc/2013-05-15/">
        <Error>
            <Type>Sender</Type>
            <Code>AuthorizationAlreadyExists</Code>
            <Message>Authorization already exists: 0.0.0.0/0</Message>
        </Error>
    <RequestId>5fc68ac7-fe3b-11e4-b082-0b206bb7b937</RequestId>
    </ErrorResponse>

---

当请求的安全组不存在时，boto函数似乎会抛出DBSecurityGroupNotFound异常，而不是返回nil或空响应。因此，将代码更改为使用try/except而不是“if group”

大概是这样的：

try:
  group = conn.get_all_dbsecurity_groups('{{name}}')
  group[0].authorize({{connection_type}} = '{{details}}')
except boto.exception.BotoServerError as e:
  if (e.status == 400 && e.error_code == 'DBSecurityGroupNotFound'):
    sg = conn.create_dbsecurity_group('{{name}}', '{{description}}')
    sg.authorize({{connection_type}} = '{{details}}')
  else:
    raise;

您还需要处理来自“授权”调用的潜在错误

或者，预先获取所有安全组的列表，然后在该列表中找到所需的安全组并相应地进行操作