o .&a! @sdZddlmZddZddZddZd efd efd efd efd efdefdefdefdefdefdefdefg ZdZdZdZ dZ dZ ddZ ddZ GdddeZGd d!d!eZGd"d#d#eZGd$d%d%eZGd&d'd'eZd(S))a This customization adds the following scalar parameters to the authorize operations: * --protocol: tcp | udp | icmp or any protocol number * --port: A single integer or a range (min-max). You can specify ``all`` to mean all ports (for example, port range 0-65535) * --source-group: Either the source security group ID or name. * --cidr - The CIDR range. Cannot be used when specifying a source or destination security group. )CustomArgumentcKstdtd}||d<d|d_tdtd}||d<d|d_d|d_tdtd}||d<d|d _td td}||d <d|d _t d t d}||d <d|d _dS)Nprotocol) help_textTz ip-protocolportz from-portzto-portcidrzcidr-ipz source-groupzsource-security-group-namez group-ownerzsource-security-group-owner-id) ProtocolArgument PROTOCOL_DOCS _UNDOCUMENTED PortArgument PORT_DOCS CidrArgument CIDR_DOCSSourceGroupArgumentSOURCEGROUP_DOCSGroupOwnerArgumentGROUPOWNER_DOCS)argument_tablekwargsargrL/usr/lib/python3/dist-packages/awscli/customizations/ec2/secgroupsimplify.py _add_paramss,       rcKs:t|}|drdD]}||rd|}t|q dSdS)Nip_permissions)rrr source_group group_ownerzCThe --%s option is not compatible with the --ip-permissions option )vars ValueError) parsed_argsrarg_dictkeymsgrrr _check_args8sr!cKs6|j}|j|jd}|||jdS)NzZTo specify multiple rules in a single command use the --ip-permissions option)docstyle new_paragraph start_noteinclude_doc_stringend_note) help_commandrr"r rrr _add_docsFs    r)zThe IP protocol: tcp | udp | icmp

(VPC only) Use all to specify all protocols.

If this argument is provided without also providing the port argument, then it will be applied to all ports for the specified protocol.

a

For TCP or UDP: The range of ports to allow. A single integer or a range (min-max).

For ICMP: A single integer or a range (type-code) representing the ICMP type number and the ICMP code number respectively. A value of -1 indicates all ICMP codes for all ICMP types. A value of -1 just for type indicates all ICMP codes for the specified ICMP type.

z

The CIDR IP range.

z3

The name or ID of the source security group.

zp

The AWS account ID that owns the source security group. Cannot be used when specifying a CIDR IP address.

cCstD] \}}|||qdS)N)EVENTSregister) event_handlereventhandlerrrrregister_secgroupvs r/cCsd|vr ig|d<|dkr*d|ddvrg|ddd<|ddd|dS|dvrMd|ddvr?ig|ddd<||dddd|<dS||dd|<dS)N IpPermissionsCidrIpIpRangesrr)GroupId GroupNameUserIdUserIdGroupPairs)append)paramsrvaluerrr_build_ip_permissions{s r:c@eZdZddZdS)rcCs||r (e.g. 22 or 22-25))splitr:rDr)rErFr9fromstrtostrr rrrrHs  zPortArgument.add_to_paramsNrIrrrrr rMr c@r;)r cCs"|rd|ig}t|d|dSdS)Nr1r2r:rErFr9rrrrHs zCidrArgument.add_to_paramsNrIrrrrr rMr c@r;)rcCs2|r|drt|d|dSt|d|dSdS)Nzsg-r3r4) startswithr:rVrrrrHs  z!SourceGroupArgument.add_to_paramsNrIrrrrrrMrc@r;)rcCs|r t|d|dSdS)Nr5rUrVrrrrHsz GroupOwnerArgument.add_to_paramsNrIrrrrrrMrN)__doc__awscli.argumentsrrr!r)r*rr r rrr/r:rr r rrrrrrsH