adamcousins · July 25, 2024 04:06
diff --git a/elblogging.py b/elblogging.py
 #!/bin/python
 import boto3
 import botocore
 from botocore.config import Config

 def list_elbs_v1(elbclient):
    list_of_elbs = elbclient.describe_load_balancers()['LoadBalancerDescriptions']
    print('The following Classic LOAD BALANCERS have been discovered.....')
    print('here')
    print(str(list_of_elbs))
    return list_of_elbs

 def list_elbs_v2(elbclient):
    list_of_elbs = elbclient.describe_load_balancers()['LoadBalancers']
    print('The following V2 LOAD BALANCERS have been discovered.....')
    print('here')
    print(str(list_of_elbs))
    return list_of_elbs

 def get_elb_v1_logging_config(elbName, elbclient):
    ELBattributes = elbclient.describe_load_balancer_attributes(LoadBalancerName=elbName)['LoadBalancerAttributes']
    print("")
    print('The current logging config for web ACL ' + str(elbName) + ' is ....')
    print(str(ELBattributes))
    return ELBattributes

 def list_elbs_v2(elbclient):
    list_of_elbs = elbclient.describe_load_balancers()['LoadBalancers']
    print('The following LOAD BALANCERS have been discovered.....')
    print('here')
    print(str(list_of_elbs))
    return list_of_elbs

 def get_elb_v2_logging_config(elbArn, elbclient):
    ELBattributes = elbclient.describe_load_balancer_attributes(LoadBalancerArn=elbArn)['Attributes']
    print("")
    print('The current logging config for web ACL ' + str(elbArn) + ' is ....')
    print(str(ELBattributes))
    return ELBattributes

 def put_elb_v1_logging_atrributes(elbName, ELBattributes, bucketName, elbv1client):
    updateConfig = {'AccessLog': { 'Enabled' : True, 'S3BucketName' : bucketName }}
    ELBattributes.update(updateConfig)
    print("nowhere")
    print(str(ELBattributes))
    LoggingConfig = elbv1client.modify_load_balancer_attributes(LoadBalancerName=elbName, LoadBalancerAttributes=ELBattributes)
    print("")
    print('The updated logging config for web ACL ' + str(elbName) + ' is ....')
    print(str(LoggingConfig))
    return LoggingConfig

 def put_elb_v2_logging_atrributes(elbArn, ELBattributes, bucketName, elbv2client):
    updateConfigEnabled = {'Key': 'access_logs.s3.enabled', 'Value': 'true' }
    updateConfigBucket = {'Key': 'access_logs.s3.bucket', 'Value': bucketName }
    ELBattributes = [d for d in ELBattributes if d['Key'] != updateConfigEnabled['Key']]
    ELBattributes = [d for d in ELBattributes if d['Key'] != updateConfigBucket['Key']]
    ELBattributes.append(updateConfigEnabled)
    ELBattributes.append(updateConfigBucket)
    LoggingConfig = elbv2client.modify_load_balancer_attributes(LoadBalancerArn=elbArn, Attributes=ELBattributes)
    print("")
    print('The updated logging config for web ACL ' + str(elbArn) + ' is ....')
    print(str(LoggingConfig))
    return LoggingConfig


 #### Actions ###
 def put_v1_elb_logging_config(region, bucketName):
    elbv1client = boto3.client('elb', region_name=region)
    listOfElbNames = list_elbs_v1(elbv1client)
    for item in listOfElbNames:
        print("")
        print('The following ELB is being modified')
        print(str(item))
        elbName = item['LoadBalancerName']
        ELBattributes = get_elb_v1_logging_config(elbName, elbv1client)
        put_elb_v1_logging_atrributes(elbName, ELBattributes, bucketName, elbv1client)
        get_elb_v1_logging_config(elbName, elbv1client)
    print('done')

 def put_v2_elb_logging_config(region, bucketName):
    elbv2client = boto3.client('elbv2', region_name=region)
    listOfElbArns = list_elbs_v2(elbv2client)
    for item in listOfElbArns:
        print("")
        print('The following ELB is being modified')
        print(str(item))
        elbArn = item['LoadBalancerArn']
        ELBattributes = get_elb_v2_logging_config(elbArn, elbv2client)
        put_elb_v2_logging_atrributes(elbArn, ELBattributes, bucketName, elbv2client)
        get_elb_v2_logging_config(elbArn, elbv2client)
    print('done')


 def get_acc_id():
    stsclient = boto3.client('sts')
    response = stsclient.get_caller_identity()['Account']
    return response


 def main():
    account_id = get_acc_id()
    bucket_name='bucket-elb-access-logs-' + account_id + '-ap-southeast-2'
    put_v1_elb_logging_config('ap-southeast-2', bucket_name)
    put_v2_elb_logging_config('ap-southeast-2', bucket_name)

 main()
	#!/bin/python
	import boto3
	import botocore
	from botocore.config import Config

	def list_elbs_v1(elbclient):
	list_of_elbs = elbclient.describe_load_balancers()['LoadBalancerDescriptions']
	print('The following Classic LOAD BALANCERS have been discovered.....')
	print('here')
	print(str(list_of_elbs))
	return list_of_elbs

	def list_elbs_v2(elbclient):
	list_of_elbs = elbclient.describe_load_balancers()['LoadBalancers']
	print('The following V2 LOAD BALANCERS have been discovered.....')
	print('here')
	print(str(list_of_elbs))
	return list_of_elbs

	def get_elb_v1_logging_config(elbName, elbclient):
	ELBattributes = elbclient.describe_load_balancer_attributes(LoadBalancerName=elbName)['LoadBalancerAttributes']
	print("")
	print('The current logging config for web ACL ' + str(elbName) + ' is ....')
	print(str(ELBattributes))
	return ELBattributes

	def list_elbs_v2(elbclient):
	list_of_elbs = elbclient.describe_load_balancers()['LoadBalancers']
	print('The following LOAD BALANCERS have been discovered.....')
	print('here')
	print(str(list_of_elbs))
	return list_of_elbs

	def get_elb_v2_logging_config(elbArn, elbclient):
	ELBattributes = elbclient.describe_load_balancer_attributes(LoadBalancerArn=elbArn)['Attributes']
	print("")
	print('The current logging config for web ACL ' + str(elbArn) + ' is ....')
	print(str(ELBattributes))
	return ELBattributes

	def put_elb_v1_logging_atrributes(elbName, ELBattributes, bucketName, elbv1client):
	updateConfig = {'AccessLog': { 'Enabled' : True, 'S3BucketName' : bucketName }}
	ELBattributes.update(updateConfig)
	print("nowhere")
	print(str(ELBattributes))
	LoggingConfig = elbv1client.modify_load_balancer_attributes(LoadBalancerName=elbName, LoadBalancerAttributes=ELBattributes)
	print("")
	print('The updated logging config for web ACL ' + str(elbName) + ' is ....')
	print(str(LoggingConfig))
	return LoggingConfig

	def put_elb_v2_logging_atrributes(elbArn, ELBattributes, bucketName, elbv2client):
	updateConfigEnabled = {'Key': 'access_logs.s3.enabled', 'Value': 'true' }
	updateConfigBucket = {'Key': 'access_logs.s3.bucket', 'Value': bucketName }
	ELBattributes = [d for d in ELBattributes if d['Key'] != updateConfigEnabled['Key']]
	ELBattributes = [d for d in ELBattributes if d['Key'] != updateConfigBucket['Key']]
	ELBattributes.append(updateConfigEnabled)
	ELBattributes.append(updateConfigBucket)
	LoggingConfig = elbv2client.modify_load_balancer_attributes(LoadBalancerArn=elbArn, Attributes=ELBattributes)
	print("")
	print('The updated logging config for web ACL ' + str(elbArn) + ' is ....')
	print(str(LoggingConfig))
	return LoggingConfig


	#### Actions ###
	def put_v1_elb_logging_config(region, bucketName):
	elbv1client = boto3.client('elb', region_name=region)
	listOfElbNames = list_elbs_v1(elbv1client)
	for item in listOfElbNames:
	print("")
	print('The following ELB is being modified')
	print(str(item))
	elbName = item['LoadBalancerName']
	ELBattributes = get_elb_v1_logging_config(elbName, elbv1client)
	put_elb_v1_logging_atrributes(elbName, ELBattributes, bucketName, elbv1client)
	get_elb_v1_logging_config(elbName, elbv1client)
	print('done')

	def put_v2_elb_logging_config(region, bucketName):
	elbv2client = boto3.client('elbv2', region_name=region)
	listOfElbArns = list_elbs_v2(elbv2client)
	for item in listOfElbArns:
	print("")
	print('The following ELB is being modified')
	print(str(item))
	elbArn = item['LoadBalancerArn']
	ELBattributes = get_elb_v2_logging_config(elbArn, elbv2client)
	put_elb_v2_logging_atrributes(elbArn, ELBattributes, bucketName, elbv2client)
	get_elb_v2_logging_config(elbArn, elbv2client)
	print('done')


	def get_acc_id():
	stsclient = boto3.client('sts')
	response = stsclient.get_caller_identity()['Account']
	return response


	def main():
	account_id = get_acc_id()
	bucket_name='bucket-elb-access-logs-' + account_id + '-ap-southeast-2'
	put_v1_elb_logging_config('ap-southeast-2', bucket_name)
	put_v2_elb_logging_config('ap-southeast-2', bucket_name)

	main()