Yasuke/moto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[ec2-sg] added logic to create a second default egress rule for ipv6

Browse Source
This commit is contained in:
aimannajjar 2019-12-18 17:29:13 -05:00 committed by aimannajjar
parent f8af496445
commit 5b9b965647
2 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
moto/ec2/models.py
View File

@ -1722,6 +1722,12 @@ class SecurityGroup(TaggedEC2Resource):
self.vpc_id = vpc_id self.vpc_id = vpc_id
self.owner_id = OWNER_ID self.owner_id = OWNER_ID
# Append default IPv6 egress rule for VPCs with IPv6 support
if vpc_id:
vpc = self.ec2_backend.vpcs.get(vpc_id)
if vpc and len(vpc.get_cidr_block_association_set(ipv6=True)) > 0:
self.egress_rules.append(SecurityRule("-1", None, None, [], []))
@classmethod @classmethod
def create_from_cloudformation_json( def create_from_cloudformation_json(
cls, resource_name, cloudformation_json, region_name cls, resource_name, cloudformation_json, region_name

12
tests/test_ec2/test_security_groups.py
View File

@ -123,6 +123,18 @@ def test_create_two_security_groups_with_same_name_in_different_vpc():
set(group_names).should.equal(set(["default", "test security group"])) set(group_names).should.equal(set(["default", "test security group"]))
@mock_ec2
def test_create_two_security_groups_in_vpc_with_ipv6_enabled():
ec2 = boto3.resource("ec2", region_name="us-west-1")
vpc = ec2.create_vpc(CidrBlock="10.0.0.0/16", AmazonProvidedIpv6CidrBlock=True)
security_group = ec2.create_security_group(
GroupName="sg01", Description="Test security group sg01", VpcId=vpc.id
)
security_group.ip_permissions_egress.should.have.length_of(2)
@mock_ec2_deprecated @mock_ec2_deprecated
def test_deleting_security_groups(): def test_deleting_security_groups():
conn = boto.connect_ec2("the_key", "the_secret") conn = boto.connect_ec2("the_key", "the_secret")