EC2: add GroupId to SecurityGroupRules (#6437)

David 2023-06-29 11:07:52 +02:00 committed by GitHub
parent 8ba1a61424
commit 3f528f5428
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 27 additions and 20 deletions


@ -550,16 +550,19 @@ class SecurityGroupBackend:
def describe_security_group_rules( def describe_security_group_rules(
self, group_ids: Optional[List[str]] = None, filters: Any = None self, group_ids: Optional[List[str]] = None, filters: Any = None
) -> List[SecurityRule]: ) -> Dict[str, List[SecurityRule]]:
matches = self.describe_security_groups(group_ids=group_ids, filters=filters) matches = self.describe_security_groups(group_ids=group_ids, filters=filters)
if not matches: if not matches:
raise InvalidSecurityGroupNotFoundError( raise InvalidSecurityGroupNotFoundError(
"No security groups found matching the filters provided." "No security groups found matching the filters provided."
) )
rules = [] rules = {}
for group in matches: for group in matches:
rules.extend(group.ingress_rules) group_rules = []
rules.extend(group.egress_rules) group_rules.extend(group.ingress_rules)
group_rules.extend(group.egress_rules)
if group_rules:
rules[group.group_id] = group_rules
return rules return rules
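Review bot: The return contract of `describe_security_group_rules` changes from a flat list to a dict, and nothing in the hunk documents it. The keys are `group.group_id`, and a matching group with no ingress or egress rules is left out entirely because of `if group_rules:`. A docstring such as `"""Return the rules of every matching group, keyed by group id; groups without rules are omitted."""` would make that explicit. Any caller outside this hunk that still iterates the result as a list of rules would now iterate group ids, so those call sites are worth checking. The two `extend` calls could also be written as `group_rules = [*group.ingress_rules, *group.egress_rules]`.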


@ -254,22 +254,25 @@ DESCRIBE_SECURITY_GROUP_RULES_RESPONSE = """
<DescribeSecurityGroupRulesResponse xmlns="http://ec2.amazonaws.com/doc/2016-11-15/"> <DescribeSecurityGroupRulesResponse xmlns="http://ec2.amazonaws.com/doc/2016-11-15/">
<requestId>{{ request_id }}</requestId> <requestId>{{ request_id }}</requestId>
<securityGroupRuleSet> <securityGroupRuleSet>
{% for rule in rules %} {% for group, rule_list in rules.items() %}
<item> {% for rule in rule_list %}
{% if rule.from_port is not none %} <item>
<fromPort>{{ rule.from_port }}</fromPort> {% if rule.from_port is not none %}
{% endif %} <fromPort>{{ rule.from_port }}</fromPort>
{% if rule.to_port is not none %} {% endif %}
<toPort>{{ rule.to_port }}</toPort> {% if rule.to_port is not none %}
{% endif %} <toPort>{{ rule.to_port }}</toPort>
{% if rule.ip_ranges %} {% endif %}
<cidrIpv4>{{ rule.ip_ranges[0]['CidrIp'] }}</cidrIpv4> {% if rule.ip_ranges %}
{% endif %} <cidrIpv4>{{ rule.ip_ranges[0]['CidrIp'] }}</cidrIpv4>
<ipProtocol>{{ rule.ip_protocol }}</ipProtocol> {% endif %}
<groupOwnerId>{{ rule.owner_id }}</groupOwnerId> <ipProtocol>{{ rule.ip_protocol }}</ipProtocol>
<isEgress>{{ 'true' if rule.is_egress else 'false' }}</isEgress> <groupId>{{ group }}</groupId>
<securityGroupRuleId>{{ rule.id }}</securityGroupRuleId> <groupOwnerId>{{ rule.owner_id }}</groupOwnerId>
</item> <isEgress>{{ 'true' if rule.is_egress else 'false' }}</isEgress>
<securityGroupRuleId>{{ rule.id }}</securityGroupRuleId>
</item>
{% endfor %}
{% endfor %} {% endfor %}
</securityGroupRuleSet> </securityGroupRuleSet>
</DescribeSecurityGroupRulesResponse>""" </DescribeSecurityGroupRulesResponse>"""
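Review bot: The outer loop variable `group` holds the dict key, which is a group id string rather than a group object, and that reads misleadingly next to `rule.owner_id`. Writing `{% for group_id, rule_list in rules.items() %}` and `<groupId>{{ group_id }}</groupId>` would say what it is. Separately, `<cidrIpv4>` still renders only `rule.ip_ranges[0]`, so a rule holding several ranges appears to be reported with just the first one. If the rule model allows more than one range, code that audits the mocked rules for open CIDRs would see fewer than exist. The template string starts above the hunk.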


@ -586,6 +586,7 @@ def test_create_and_describe_security_grp_rule():
assert rules[0]["IsEgress"] is True assert rules[0]["IsEgress"] is True
assert rules[0]["IpProtocol"] == "-1" assert rules[0]["IpProtocol"] == "-1"
assert rules[0]["CidrIpv4"] == "0.0.0.0/0" assert rules[0]["CidrIpv4"] == "0.0.0.0/0"
assert "GroupId" in rules[0]
@mock_ec2 @mock_ec2
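Review bot: `assert "GroupId" in rules[0]` only checks that the key is present, so it would still pass if the response attributed the rule to the wrong group. Comparing the value with the id of the security group created earlier in the test (not visible in this hunk), e.g. `assert rules[0]["GroupId"] == <created group id>`, would pin the behaviour the commit adds. The test body starts above the hunk.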