Pull in upstream boto from github at bcb719937de9ac2851e632d62b777352029a6d55

boto/ec2/connection.py

 # Copyright (c) 2006-2010 Mitch Garnaat http://garnaat.org/
 # Copyright (c) 2010, Eucalyptus Systems, Inc.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a
 # copy of this software and associated documentation files (the
 # "Software"), to deal in the Software without restriction, including
 # without limitation the rights to use, copy, modify, merge, publish, dis-
 # tribute, sublicense, and/or sell copies of the Software, and to permit
 # persons to whom the Software is furnished to do so, subject to the fol-
 # lowing conditions:
@@ skipping 39 matching lines @@
 from boto.ec2.spotdatafeedsubscription import SpotDatafeedSubscription
 from boto.ec2.bundleinstance import BundleInstanceTask
 from boto.ec2.placementgroup import PlacementGroup
 from boto.ec2.tag import Tag
 from boto.exception import EC2ResponseError
 
 #boto.set_stream_logger('ec2')
 
 class EC2Connection(AWSQueryConnection):
 
-    APIVersion = boto.config.get('Boto', 'ec2_version', '2011-01-01')
+    APIVersion = boto.config.get('Boto', 'ec2_version', '2011-11-01')
     DefaultRegionName = boto.config.get('Boto', 'ec2_region_name', 'us-east-1')
     DefaultRegionEndpoint = boto.config.get('Boto', 'ec2_region_endpoint',
                                             'ec2.amazonaws.com')
     ResponseError = EC2ResponseError
 
     def __init__(self, aws_access_key_id=None, aws_secret_access_key=None,
                  is_secure=True, host=None, port=None,
                  proxy=None, proxy_port=None,
                  proxy_user=None, proxy_pass=None, debug=0,
                  https_connection_factory=None, region=None, path='/',
                  api_version=None, security_token=None):
         """
         Init method to create a new connection to EC2.
-
-        B{Note:} The host argument is overridden by the host specified in the
-                 boto configuration file.
         """
         if not region:
             region = RegionInfo(self, self.DefaultRegionName,
                                 self.DefaultRegionEndpoint)
         self.region = region
         AWSQueryConnection.__init__(self, aws_access_key_id,
                                     aws_secret_access_key,
                                     is_secure, port, proxy, proxy_port,
                                     proxy_user, proxy_pass,
                                     self.region.endpoint, debug,
@@ skipping 361 matching lines @@
                         for details.
 
         :rtype: list
         :return: A list of  :class:`boto.ec2.instance.Reservation`
         """
         params = {}
         if instance_ids:
             self.build_list_params(params, instance_ids, 'InstanceId')
         if filters:
             if 'group-id' in filters:
-                warnings.warn("The group-id filter now requires a security "
-                              "group identifier (sg-*) instead of a group "
-                              "name. To filter by group name use the "
-                              "'group-name' filter instead.", UserWarning)
+                gid = filters.get('group-id')
+                if not gid.startswith('sg-') or len(gid) != 11:
+                    warnings.warn(
+                        "The group-id filter now requires a security group "
+                        "identifier (sg-*) instead of a group name. To filter "
+                        "by group name use the 'group-name' filter instead.",
+                        UserWarning)
             self.build_filter_params(params, filters)
         return self.get_list('DescribeInstances', params,
                              [('item', Reservation)], verb='POST')
 
     def run_instances(self, image_id, min_count=1, max_count=1,
                       key_name=None, security_groups=None,
                       user_data=None, addressing_type=None,
                       instance_type='m1.small', placement=None,
                       kernel_id=None, ramdisk_id=None,
                       monitoring_enabled=False, subnet_id=None,
@@ skipping 345 matching lines @@
 
         :rtype: list
         :return: A list of
                  :class:`boto.ec2.spotinstancerequest.SpotInstanceRequest`
         """
         params = {}
         if request_ids:
             self.build_list_params(params, request_ids, 'SpotInstanceRequestId')
         if filters:
             if 'launch.group-id' in filters:
-                warnings.warn("The 'launch.group-id' filter now requires a "
-                              "security group id (sg-*) and no longer supports "
-                              "filtering by group name. Please update your "
-                              "filters accordingly.", UserWarning)
+                lgid = filters.get('launch.group-id')
+                if not lgid.startswith('sg-') or len(lgid) != 11:
+                    warnings.warn(
+                        "The 'launch.group-id' filter now requires a security "
+                        "group id (sg-*) and no longer supports filtering by "
+                        "group name. Please update your filters accordingly.",
+                        UserWarning)
             self.build_filter_params(params, filters)
         return self.get_list('DescribeSpotInstanceRequests', params,
                              [('item', SpotInstanceRequest)], verb='POST')
 
     def get_spot_price_history(self, start_time=None, end_time=None,
                                instance_type=None, product_description=None,
                                availability_zone=None):
         """
         Retrieve the recent history of spot instances pricing.
 
@@ skipping 855 matching lines @@
         Convenience method to retrieve a specific keypair (KeyPair).
 
         :type image_id: string
         :param image_id: the ID of the Image to retrieve
 
         :rtype: :class:`boto.ec2.keypair.KeyPair`
         :return: The KeyPair specified or None if it is not found
         """
         try:
             return self.get_all_key_pairs(keynames=[keyname])[0]
-        except IndexError: # None of those key pairs available
-            return None
+        except self.ResponseError, e:
+            if e.code == 'InvalidKeyPair.NotFound':
+                return None
+            else:
+                raise
 
     def create_key_pair(self, key_name):
         """
         Create a new key pair for your account.
         This will create the key pair within the region you
         are currently connected to.
 
         :type key_name: string
         :param key_name: The name of the new keypair
 
@@ skipping 280 matching lines @@
         if from_port is not None:
             params['IpPermissions.1.FromPort'] = from_port
         if to_port is not None:
             params['IpPermissions.1.ToPort'] = to_port
         if cidr_ip:
             params['IpPermissions.1.IpRanges.1.CidrIp'] = cidr_ip
 
         return self.get_status('AuthorizeSecurityGroupIngress',
                                params, verb='POST')
 
-    def authorize_security_group_egress(group_id,
+    def authorize_security_group_egress(self,
+                                        group_id,
                                         ip_protocol,
                                         from_port=None,
                                         to_port=None,
                                         src_group_id=None,
                                         cidr_ip=None):
         """
         The action adds one or more egress rules to a VPC security
         group. Specifically, this action permits instances in a
         security group to send traffic to one or more destination
         CIDR IP address ranges, or to one or more destination
@@ skipping 81 matching lines @@
         if ip_protocol:
             params['IpProtocol'] = ip_protocol
         if from_port:
             params['FromPort'] = from_port
         if to_port:
             params['ToPort'] = to_port
         if cidr_ip:
             params['CidrIp'] = cidr_ip
         return self.get_status('RevokeSecurityGroupIngress', params)
 
-    def revoke_security_group(self, group_name, src_security_group_name=None,
+    def revoke_security_group(self, group_name=None, src_security_group_name=None,
                               src_security_group_owner_id=None,
                               ip_protocol=None, from_port=None, to_port=None,
                               cidr_ip=None, group_id=None,
                               src_security_group_group_id=None):
         """
         Remove an existing rule from an existing security group.
         You need to pass in either src_security_group_name and
         src_security_group_owner_id OR ip_protocol, from_port, to_port,
         and cidr_ip.  In other words, either you are revoking another
         group or you are revoking some ip-based rule.
@@ skipping 25 matching lines @@
 
         :rtype: bool
         :return: True if successful.
         """
         if src_security_group_name:
             if from_port is None and to_port is None and ip_protocol is None:
                 return self.revoke_security_group_deprecated(
                     group_name, src_security_group_name,
                     src_security_group_owner_id)
         params = {}
-        if group_name:
+        if group_name is not None:
             params['GroupName'] = group_name
+        if group_id is not None:
+            params['GroupId'] = group_id
         if src_security_group_name:
             param_name = 'IpPermissions.1.Groups.1.GroupName'
             params[param_name] = src_security_group_name
+        if src_security_group_group_id:
+            param_name = 'IpPermissions.1.Groups.1.GroupId'
+            params[param_name] = src_security_group_group_id
         if src_security_group_owner_id:
             param_name = 'IpPermissions.1.Groups.1.UserId'
             params[param_name] = src_security_group_owner_id
         if ip_protocol:
             params['IpPermissions.1.IpProtocol'] = ip_protocol
         if from_port is not None:
             params['IpPermissions.1.FromPort'] = from_port
         if to_port is not None:
             params['IpPermissions.1.ToPort'] = to_port
         if cidr_ip:
             params['IpPermissions.1.IpRanges.1.CidrIp'] = cidr_ip
         return self.get_status('RevokeSecurityGroupIngress',
                                params, verb='POST')
 
+    def revoke_security_group_egress(self,
+                                     group_id,
+                                     ip_protocol,
+                                     from_port=None,
+                                     to_port=None,
+                                     src_group_id=None,
+                                     cidr_ip=None):
+        """
+        Remove an existing egress rule from an existing VPC security group.
+        You need to pass in an ip_protocol, from_port and to_port range only
+        if the protocol you are using is port-based. You also need to pass in either
+        a src_group_id or cidr_ip. 
+
+        :type group_name: string
+        :param group_id:  The name of the security group you are removing
+                           the rule from.
+
+        :type ip_protocol: string
+        :param ip_protocol: Either tcp | udp | icmp | -1
+
+        :type from_port: int
+        :param from_port: The beginning port number you are disabling
+
+        :type to_port: int
+        :param to_port: The ending port number you are disabling
+
+        :type src_group_id: src_group_id
+        :param src_group_id: The source security group you are revoking access to.
+
+        :type cidr_ip: string
+        :param cidr_ip: The CIDR block you are revoking access to.
+                        See http://goo.gl/Yj5QC
+
+        :rtype: bool
+        :return: True if successful.
+        """
+       
+        params = {}
+        if group_id:
+            params['GroupId'] = group_id
+        if ip_protocol:
+            params['IpPermissions.1.IpProtocol'] = ip_protocol
+        if from_port is not None:
+            params['IpPermissions.1.FromPort'] = from_port
+        if to_port is not None:
+            params['IpPermissions.1.ToPort'] = to_port
+        if src_group_id is not None:
+            params['IpPermissions.1.Groups.1.GroupId'] = src_group_id
+        if cidr_ip:
+            params['IpPermissions.1.IpRanges.1.CidrIp'] = cidr_ip
+        return self.get_status('RevokeSecurityGroupEgress',
+                               params, verb='POST')
+
     #
     # Regions
     #
 
     def get_all_regions(self, region_names=None, filters=None):
         """
         Get all available regions for the EC2 service.
 
         :type region_names: list of str
         :param region_names: Names of regions to limit output
@@ skipping 425 matching lines @@
                      be deleted.
 
         """
         if isinstance(tags, list):
             tags = {}.fromkeys(tags, None)
         params = {}
         self.build_list_params(params, resource_ids, 'ResourceId')
         self.build_tag_param_list(params, tags)
         return self.get_status('DeleteTags', params, verb='POST')