← Back to branch summary

~anso/nova/staging

« back to all changes in this revision

Viewing changes to nova/api/ec2/admin.py

  • Committer: Todd Willey
  • Date: 2011-03-30 07:51:02 UTC
  • Revision ID: todd@ansolabs.com-20110330075102-o22wqn6lnpasttv4
Disable floating (public) ips.

Show diffs side-by-side

added added

removed removed

Lines of Context:
nova/api/ec2/admin.py
28
28
from nova import exception
29
29
from nova import flags
30
30
from nova import log as logging
 
31
from nova import network
31
32
from nova import utils
32
33
from nova.api.ec2 import ec2utils
33
34
from nova.auth import manager
333
334
 
334
335
    def disable_project_credentials(self, context, project):
335
336
        """Revoke credentials and stop the vpn instance."""
 
337
        LOG.audit(_("Revoking certificates for project: %s"), project)
336
338
        crypto.revoke_certs_by_project(project)
337
339
        return {'status': 'OK', 'message': 'Credentials Revoked'}
 
340
 
 
341
    def disable_floating_ips(self, context, project=None):
 
342
        """Disable public addresses in response to security incident."""
 
343
        if project:
 
344
            projects = [manager.AuthManager().get_project(project)]
 
345
        else:
 
346
            projects = manager.AuthManager().get_projects()
 
347
        network_api = network.API()
 
348
        for p in projects:
 
349
            LOG.audit(_("Disabling public IPs for project: %s"), p.id)
 
350
            for ip in db.floating_ip_get_all_by_project(context, p.id):
 
351
                network_api.disassociate_floating_ip(context, ip)
 
352
        return {'status': 'OK', 'message': 'Disabled public addresses'}