From 105bf863afd80617d0585c400668c64c39f7c798 Mon Sep 17 00:00:00 2001
From: Macwan Nevil <macnev2013@gmail.com>
Date: Tue, 24 Aug 2021 21:22:34 +0530
Subject: [PATCH] added support for modify-vpc-connection; fixed vpc peering
 options (#4210)

---
 moto/ec2/models.py                            | 20 +++++
 moto/ec2/responses/vpc_peering_connections.py | 82 +++++++++++++++----
 tests/terraform-tests.success.txt             |  1 +
 3 files changed, 89 insertions(+), 14 deletions(-)

diff --git a/moto/ec2/models.py b/moto/ec2/models.py
index 1d959fab7..7827f8ea3 100644
--- a/moto/ec2/models.py
+++ b/moto/ec2/models.py
@@ -3403,11 +3403,19 @@ class PeeringConnectionStatus(object):
 
 
 class VPCPeeringConnection(TaggedEC2Resource, CloudFormationModel):
+    DEFAULT_OPTIONS = {
+        "AllowEgressFromLocalClassicLinkToRemoteVpc": "false",
+        "AllowEgressFromLocalVpcToRemoteClassicLink": "false",
+        "AllowDnsResolutionFromRemoteVpc": "false",
+    }
+
     def __init__(self, backend, vpc_pcx_id, vpc, peer_vpc, tags=None):
         self.id = vpc_pcx_id
         self.ec2_backend = backend
         self.vpc = vpc
         self.peer_vpc = peer_vpc
+        self.requester_options = self.DEFAULT_OPTIONS.copy()
+        self.accepter_options = self.DEFAULT_OPTIONS.copy()
         self.add_tags(tags or {})
         self._status = PeeringConnectionStatus()
 
@@ -3504,6 +3512,18 @@ class VPCPeeringConnectionBackend(object):
         vpc_pcx._status.reject()
         return vpc_pcx
 
+    def modify_vpc_peering_connection_options(
+        self, vpc_pcx_id, accepter_options=None, requester_options=None
+    ):
+        vpc_pcx = self.get_vpc_peering_connection(vpc_pcx_id)
+        if not vpc_pcx:
+            raise InvalidVPCPeeringConnectionIdError(vpc_pcx_id)
+        # TODO: check if actual vpc has this options enabled
+        if accepter_options:
+            vpc_pcx.accepter_options.update(accepter_options)
+        if requester_options:
+            vpc_pcx.requester_options.update(requester_options)
+
 
 class Subnet(TaggedEC2Resource, CloudFormationModel):
     def __init__(
diff --git a/moto/ec2/responses/vpc_peering_connections.py b/moto/ec2/responses/vpc_peering_connections.py
index 718dfcb5c..e0ba8d2f2 100644
--- a/moto/ec2/responses/vpc_peering_connections.py
+++ b/moto/ec2/responses/vpc_peering_connections.py
@@ -45,7 +45,25 @@ class VPCPeeringConnections(BaseResponse):
         template = self.response_template(REJECT_VPC_PEERING_CONNECTION_RESPONSE)
         return template.render()
 
+    def modify_vpc_peering_connection_options(self):
+        vpc_pcx_id = self._get_param("VpcPeeringConnectionId")
+        accepter_options = self._get_multi_param_dict(
+            "AccepterPeeringConnectionOptions"
+        )
+        requester_options = self._get_multi_param_dict(
+            "RequesterPeeringConnectionOptions"
+        )
+        self.ec2_backend.modify_vpc_peering_connection_options(
+            vpc_pcx_id, accepter_options, requester_options
+        )
+        template = self.response_template(MODIFY_VPC_PEERING_CONNECTION_RESPONSE)
+        return template.render(
+            accepter_options=accepter_options, requester_options=requester_options
+        )
 
+
+# we are assuming that the owner id for accepter and requester vpc are same
+# as we are checking for the vpc exsistance
 CREATE_VPC_PEERING_CONNECTION_RESPONSE = (
     """
 <CreateVpcPeeringConnectionResponse xmlns="http://ec2.amazonaws.com/doc/2016-11-15/">
@@ -53,13 +71,15 @@ CREATE_VPC_PEERING_CONNECTION_RESPONSE = (
  <vpcPeeringConnection>
   <vpcPeeringConnectionId>{{ vpc_pcx.id }}</vpcPeeringConnectionId>
     <requesterVpcInfo>
-     <ownerId>777788889999</ownerId>
+     <ownerId>"""
+    + ACCOUNT_ID
+    + """</ownerId>
      <vpcId>{{ vpc_pcx.vpc.id }}</vpcId>
      <cidrBlock>{{ vpc_pcx.vpc.cidr_block }}</cidrBlock>
      <peeringOptions>
-       <allowEgressFromLocalClassicLinkToRemoteVpc>false</allowEgressFromLocalClassicLinkToRemoteVpc>
-       <allowEgressFromLocalVpcToRemoteClassicLink>false</allowEgressFromLocalVpcToRemoteClassicLink>
-       <allowDnsResolutionFromRemoteVpc>false</allowDnsResolutionFromRemoteVpc>
+       <allowEgressFromLocalClassicLinkToRemoteVpc>{{ vpc_pcx.requester_options.AllowEgressFromLocalClassicLinkToRemoteVpc or '' }}</allowEgressFromLocalClassicLinkToRemoteVpc>
+       <allowEgressFromLocalVpcToRemoteClassicLink>{{ vpc_pcx.requester_options.AllowEgressFromLocalVpcToRemoteClassicLink or '' }}</allowEgressFromLocalVpcToRemoteClassicLink>
+       <allowDnsResolutionFromRemoteVpc>{{ vpc_pcx.requester_options.AllowDnsResolutionFromRemoteVpc or '' }}</allowDnsResolutionFromRemoteVpc>
      </peeringOptions>
     </requesterVpcInfo>
     <accepterVpcInfo>
@@ -67,6 +87,11 @@ CREATE_VPC_PEERING_CONNECTION_RESPONSE = (
     + ACCOUNT_ID
     + """</ownerId>
       <vpcId>{{ vpc_pcx.peer_vpc.id }}</vpcId>
+      <peeringOptions>
+        <allowEgressFromLocalClassicLinkToRemoteVpc>{{ vpc_pcx.accepter_options.AllowEgressFromLocalClassicLinkToRemoteVpc or '' }}</allowEgressFromLocalClassicLinkToRemoteVpc>
+        <allowEgressFromLocalVpcToRemoteClassicLink>{{ vpc_pcx.accepter_options.AllowEgressFromLocalVpcToRemoteClassicLink or '' }}</allowEgressFromLocalVpcToRemoteClassicLink>
+        <allowDnsResolutionFromRemoteVpc>{{ vpc_pcx.accepter_options.AllowDnsResolutionFromRemoteVpc or '' }}</allowDnsResolutionFromRemoteVpc>
+      </peeringOptions>
     </accepterVpcInfo>
     <status>
      <code>initiating-request</code>
@@ -95,10 +120,17 @@ DESCRIBE_VPC_PEERING_CONNECTIONS_RESPONSE = (
  <item>
   <vpcPeeringConnectionId>{{ vpc_pcx.id }}</vpcPeeringConnectionId>
     <requesterVpcInfo>
-     <ownerId>777788889999</ownerId>
+     <ownerId>"""
+    + ACCOUNT_ID
+    + """</ownerId>
      <vpcId>{{ vpc_pcx.vpc.id }}</vpcId>
      <cidrBlock>{{ vpc_pcx.vpc.cidr_block }}</cidrBlock>
      <region>{{ vpc_pcx.vpc.ec2_backend.region_name }}</region>
+     <peeringOptions>
+      <allowEgressFromLocalClassicLinkToRemoteVpc>{{ vpc_pcx.requester_options.AllowEgressFromLocalClassicLinkToRemoteVpc or '' }}</allowEgressFromLocalClassicLinkToRemoteVpc>
+      <allowEgressFromLocalVpcToRemoteClassicLink>{{ vpc_pcx.requester_options.AllowEgressFromLocalVpcToRemoteClassicLink or '' }}</allowEgressFromLocalVpcToRemoteClassicLink>
+      <allowDnsResolutionFromRemoteVpc>{{ vpc_pcx.requester_options.AllowDnsResolutionFromRemoteVpc or '' }}</allowDnsResolutionFromRemoteVpc>
+     </peeringOptions>
     </requesterVpcInfo>
     <accepterVpcInfo>
      <ownerId>"""
@@ -106,12 +138,12 @@ DESCRIBE_VPC_PEERING_CONNECTIONS_RESPONSE = (
     + """</ownerId>
      <vpcId>{{ vpc_pcx.peer_vpc.id }}</vpcId>
      <cidrBlock>{{ vpc_pcx.peer_vpc.cidr_block }}</cidrBlock>
-     <peeringOptions>
-        <allowEgressFromLocalClassicLinkToRemoteVpc>false</allowEgressFromLocalClassicLinkToRemoteVpc>
-        <allowEgressFromLocalVpcToRemoteClassicLink>true</allowEgressFromLocalVpcToRemoteClassicLink>
-        <allowDnsResolutionFromRemoteVpc>false</allowDnsResolutionFromRemoteVpc>
-     </peeringOptions>
      <region>{{ vpc_pcx.peer_vpc.ec2_backend.region_name }}</region>
+     <peeringOptions>
+      <allowEgressFromLocalClassicLinkToRemoteVpc>{{ vpc_pcx.accepter_options.AllowEgressFromLocalClassicLinkToRemoteVpc or '' }}</allowEgressFromLocalClassicLinkToRemoteVpc>
+      <allowEgressFromLocalVpcToRemoteClassicLink>{{ vpc_pcx.accepter_options.AllowEgressFromLocalVpcToRemoteClassicLink or '' }}</allowEgressFromLocalVpcToRemoteClassicLink>
+      <allowDnsResolutionFromRemoteVpc>{{ vpc_pcx.accepter_options.AllowDnsResolutionFromRemoteVpc or '' }}</allowDnsResolutionFromRemoteVpc>
+     </peeringOptions>
     </accepterVpcInfo>
      <status>
       <code>{{ vpc_pcx._status.code }}</code>
@@ -146,7 +178,9 @@ ACCEPT_VPC_PEERING_CONNECTION_RESPONSE = (
   <vpcPeeringConnection>
     <vpcPeeringConnectionId>{{ vpc_pcx.id }}</vpcPeeringConnectionId>
     <requesterVpcInfo>
-      <ownerId>777788889999</ownerId>
+      <ownerId>"""
+    + ACCOUNT_ID
+    + """</ownerId>
       <vpcId>{{ vpc_pcx.vpc.id }}</vpcId>
       <cidrBlock>{{ vpc_pcx.vpc.cidr_block }}</cidrBlock>
       <region>{{ vpc_pcx.vpc.ec2_backend.region_name }}</region>
@@ -158,9 +192,9 @@ ACCEPT_VPC_PEERING_CONNECTION_RESPONSE = (
       <vpcId>{{ vpc_pcx.peer_vpc.id }}</vpcId>
       <cidrBlock>{{ vpc_pcx.peer_vpc.cidr_block }}</cidrBlock>
       <peeringOptions>
-        <allowEgressFromLocalClassicLinkToRemoteVpc>false</allowEgressFromLocalClassicLinkToRemoteVpc>
-        <allowEgressFromLocalVpcToRemoteClassicLink>false</allowEgressFromLocalVpcToRemoteClassicLink>
-        <allowDnsResolutionFromRemoteVpc>false</allowDnsResolutionFromRemoteVpc>
+        <allowEgressFromLocalClassicLinkToRemoteVpc>{{ vpc_pcx.accepter_options.AllowEgressFromLocalClassicLinkToRemoteVpc or '' }}</allowEgressFromLocalClassicLinkToRemoteVpc>
+        <allowEgressFromLocalVpcToRemoteClassicLink>{{ vpc_pcx.accepter_options.AllowEgressFromLocalVpcToRemoteClassicLink or '' }}</allowEgressFromLocalVpcToRemoteClassicLink>
+        <allowDnsResolutionFromRemoteVpc>{{ vpc_pcx.accepter_options.AllowDnsResolutionFromRemoteVpc or '' }}</allowDnsResolutionFromRemoteVpc>
       </peeringOptions>
       <region>{{ vpc_pcx.peer_vpc.ec2_backend.region_name }}</region>
     </accepterVpcInfo>
@@ -187,3 +221,23 @@ REJECT_VPC_PEERING_CONNECTION_RESPONSE = """
   <return>true</return>
 </RejectVpcPeeringConnectionResponse>
 """
+
+MODIFY_VPC_PEERING_CONNECTION_RESPONSE = """
+<ModifyVpcPeeringConnectionOptionsResponse xmlns="http://ec2.amazonaws.com/doc/2016-11-15/">
+  <requestId>8d977c82-8aba-4cd1-81ca-example</requestId>
+  {% if requester_options %}
+  <requesterPeeringConnectionOptions>
+    <allowEgressFromLocalClassicLinkToRemoteVpc>{{ requester_options.AllowEgressFromLocalClassicLinkToRemoteVpc or '' }}</allowEgressFromLocalClassicLinkToRemoteVpc>
+    <allowEgressFromLocalVpcToRemoteClassicLink>{{ requester_options.AllowEgressFromLocalVpcToRemoteClassicLink or '' }}</allowEgressFromLocalVpcToRemoteClassicLink>
+    <allowDnsResolutionFromRemoteVpc>{{ requester_options.AllowDnsResolutionFromRemoteVpc or '' }}</allowDnsResolutionFromRemoteVpc>
+  </requesterPeeringConnectionOptions>
+  {% endif %}
+  {% if accepter_options %}
+  <accepterPeeringConnectionOptions>
+    <allowEgressFromLocalClassicLinkToRemoteVpc>{{ accepter_options.AllowEgressFromLocalClassicLinkToRemoteVpc or '' }}</allowEgressFromLocalClassicLinkToRemoteVpc>
+    <allowEgressFromLocalVpcToRemoteClassicLink>{{ accepter_options.AllowEgressFromLocalVpcToRemoteClassicLink or '' }}</allowEgressFromLocalVpcToRemoteClassicLink>
+    <allowDnsResolutionFromRemoteVpc>{{ accepter_options.AllowDnsResolutionFromRemoteVpc or '' }}</allowDnsResolutionFromRemoteVpc>
+  </accepterPeeringConnectionOptions>
+  {% endif %}
+</ModifyVpcPeeringConnectionOptionsResponse>
+"""
diff --git a/tests/terraform-tests.success.txt b/tests/terraform-tests.success.txt
index ccbc00f2b..94eb79247 100644
--- a/tests/terraform-tests.success.txt
+++ b/tests/terraform-tests.success.txt
@@ -84,6 +84,7 @@ TestAccAWSRouteTable_RequireRouteTarget
 TestAccAWSRouteTable_disappears_SubnetAssociation
 TestAccAWSRouteTable_IPv4_To_NatGateway
 TestAccAWSRouteTable_IPv4_To_TransitGateway
+TestAccAWSRouteTable_IPv4_To_VpcPeeringConnection
 TestAccAWSRouteTable_disappears
 TestAccAWSRouteTable_basic
 TestAccAwsEc2ManagedPrefixList