Yasuke/moto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

EC2: describe_security_group_rules now uses Filter-argument (#6041)

Browse Source
This commit is contained in:
CiolFr 2023-03-12 00:28:16 +01:00 committed by GitHub
parent f1f4454b0f
commit 25f0c660f7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
moto/ec2/responses/security_groups.py
View File

@ -194,7 +194,7 @@ class SecurityGroups(EC2BaseResponse):
def describe_security_group_rules(self) -> str:
group_id = self._get_param("GroupId")
filters = self._get_param("Filter")
filters = self._filters_from_querystring()
self.error_on_dryrun()

42
tests/test_ec2/test_security_groups.py
View File

@ -565,45 +565,27 @@ def test_authorize_all_protocols_with_no_port_specification():
@mock_ec2
def test_create_and_describe_security_grp_rule():
ip_protocol = "tcp"
from_port = 27017
to_port = 27017
cidr_ip_range = "1.2.3.4/32"
ec2 = boto3.resource("ec2", "us-east-1")
client = boto3.client("ec2", "us-east-1")
vpc = ec2.create_vpc(CidrBlock="10.0.0.0/16")
sg_name = str(uuid4())
sg = ec2.create_security_group(
sg = client.create_security_group(
Description="Test SG", GroupName=sg_name, VpcId=vpc.id
)
# Ingress rule
ip_permissions = [
{
"IpProtocol": ip_protocol,
"FromPort": from_port,
"ToPort": to_port,
"IpRanges": [{"CidrIp": cidr_ip_range}],
}
]
sgr = sg.authorize_ingress(IpPermissions=ip_permissions)
# Describing the ingress rule
sgr_id = sgr["SecurityGroupRules"][0]["SecurityGroupRuleId"]
response = client.describe_security_group_rules(
Filters=[{"Name": "ip-permission-id", "Values": [sgr_id]}]
Filters=[{"Name": "group-id", "Values": [sg["GroupId"]]}]
)
ingress_rule = response["SecurityGroupRules"]
rule_found = False
for rule in ingress_rule:
if rule["SecurityGroupRuleId"] == sgr_id:
assert rule["IpProtocol"] == ip_protocol
assert rule["FromPort"] == from_port
assert rule["ToPort"] == to_port
assert rule["CidrIpv4"] == cidr_ip_range
rule_found = True
break
assert rule_found, True
rules = response["SecurityGroupRules"]
# Only the default rule is present
assert len(rules) == 1
# Test default egress rule content
assert rules[0]["IsEgress"] is True
assert rules[0]["IpProtocol"] == "-1"
assert rules[0]["CidrIpv4"] == "0.0.0.0/0"
@mock_ec2