VPC IPv4 validation (#2026)

* Implemented throwing invalid subnet range error and fixed breaking tests.

* Implemented throwing invalid CIDR block parameter error for vpcs and subnets.

* Implemented throwing invalid destination CIDR block error.

* IPv6 addresses not accepted, strict checking disabled.

* Implemented throwing invalid subnet conflict error and fixed breaking tests.

* Implemented throwing invalid VPC range error and fixed breaking tests.

* Fixed accidentally removed ).

* Fixed test case trying to create two subnets with the same CIDR range.

moto/ec2/exceptions.py

@@ -430,6 +430,51 @@ class OperationNotPermitted(EC2ClientError):
         )
 
 
+class InvalidSubnetRangeError(EC2ClientError):
+
+    def __init__(self, cidr_block):
+        super(InvalidSubnetRangeError, self).__init__(
+            "InvalidSubnet.Range",
+            "The CIDR '{}' is invalid.".format(cidr_block)
+        )
+
+
+class InvalidCIDRBlockParameterError(EC2ClientError):
+
+    def __init__(self, cidr_block):
+        super(InvalidCIDRBlockParameterError, self).__init__(
+            "InvalidParameterValue",
+            "Value ({}) for parameter cidrBlock is invalid. This is not a valid CIDR block.".format(cidr_block)
+        )
+
+
+class InvalidDestinationCIDRBlockParameterError(EC2ClientError):
+
+    def __init__(self, cidr_block):
+        super(InvalidDestinationCIDRBlockParameterError, self).__init__(
+            "InvalidParameterValue",
+            "Value ({}) for parameter destinationCidrBlock is invalid. This is not a valid CIDR block.".format(cidr_block)
+        )
+
+
+class InvalidSubnetConflictError(EC2ClientError):
+
+    def __init__(self, cidr_block):
+        super(InvalidSubnetConflictError, self).__init__(
+            "InvalidSubnet.Conflict",
+            "The CIDR '{}' conflicts with another subnet".format(cidr_block)
+        )
+
+
+class InvalidVPCRangeError(EC2ClientError):
+
+    def __init__(self, cidr_block):
+        super(InvalidVPCRangeError, self).__init__(
+            "InvalidVpc.Range",
+            "The CIDR '{}' is invalid.".format(cidr_block)
+        )
+
+
 # accept exception
 class OperationNotPermitted2(EC2ClientError):
     def __init__(self, client_region, pcx_id, acceptor_region):

moto/ec2/models.py

@@ -36,8 +36,10 @@ from .exceptions import (
     InvalidAMIIdError,
     InvalidAMIAttributeItemValueError,
     InvalidAssociationIdError,
+    InvalidCIDRBlockParameterError,
     InvalidCIDRSubnetError,
     InvalidCustomerGatewayIdError,
+    InvalidDestinationCIDRBlockParameterError,
     InvalidDHCPOptionsIdError,
     InvalidDomainError,
     InvalidID,
@@ -58,13 +60,16 @@ from .exceptions import (
     InvalidSecurityGroupDuplicateError,
     InvalidSecurityGroupNotFoundError,
     InvalidSnapshotIdError,
+    InvalidSubnetConflictError,
     InvalidSubnetIdError,
+    InvalidSubnetRangeError,
     InvalidVolumeIdError,
     InvalidVolumeAttachmentError,
     InvalidVpcCidrBlockAssociationIdError,
     InvalidVPCPeeringConnectionIdError,
     InvalidVPCPeeringConnectionStateTransitionError,
     InvalidVPCIdError,
+    InvalidVPCRangeError,
     InvalidVpnGatewayIdError,
     InvalidVpnConnectionIdError,
     MalformedAMIIdError,
@@ -2151,6 +2156,12 @@ class VPCBackend(object):
 
     def create_vpc(self, cidr_block, instance_tenancy='default', amazon_provided_ipv6_cidr_block=False):
         vpc_id = random_vpc_id()
+        try:
+            vpc_cidr_block = ipaddress.IPv4Network(six.text_type(cidr_block), strict=False)
+        except ValueError:
+            raise InvalidCIDRBlockParameterError(cidr_block)
+        if vpc_cidr_block.prefixlen < 16 or vpc_cidr_block.prefixlen > 28:
+            raise InvalidVPCRangeError(cidr_block)
         vpc = VPC(self, vpc_id, cidr_block, len(self.vpcs) == 0, instance_tenancy, amazon_provided_ipv6_cidr_block)
         self.vpcs[vpc_id] = vpc
 
@@ -2367,7 +2378,7 @@ class Subnet(TaggedEC2Resource):
         self.id = subnet_id
         self.vpc_id = vpc_id
         self.cidr_block = cidr_block
-        self.cidr = ipaddress.ip_network(six.text_type(self.cidr_block))
+        self.cidr = ipaddress.IPv4Network(six.text_type(self.cidr_block), strict=False)
         self._availability_zone = availability_zone
         self.default_for_az = default_for_az
         self.map_public_ip_on_launch = map_public_ip_on_launch
@@ -2499,7 +2510,19 @@ class SubnetBackend(object):
 
     def create_subnet(self, vpc_id, cidr_block, availability_zone):
         subnet_id = random_subnet_id()
-        self.get_vpc(vpc_id)  # Validate VPC exists
+        vpc = self.get_vpc(vpc_id)  # Validate VPC exists and the supplied CIDR block is a subnet of the VPC's
+        vpc_cidr_block = ipaddress.IPv4Network(six.text_type(vpc.cidr_block), strict=False)
+        try:
+            subnet_cidr_block = ipaddress.IPv4Network(six.text_type(cidr_block), strict=False)
+        except ValueError:
+            raise InvalidCIDRBlockParameterError(cidr_block)
+        if not (vpc_cidr_block.network_address <= subnet_cidr_block.network_address and
+                vpc_cidr_block.broadcast_address >= subnet_cidr_block.broadcast_address):
+            raise InvalidSubnetRangeError(cidr_block)
+
+        for subnet in self.get_all_subnets(filters={'vpc-id': vpc_id}):
+            if subnet.cidr.overlaps(subnet_cidr_block):
+                raise InvalidSubnetConflictError(cidr_block)
 
         # if this is the first subnet for an availability zone,
         # consider it the default
@@ -2759,6 +2782,11 @@ class RouteBackend(object):
             elif EC2_RESOURCE_TO_PREFIX['internet-gateway'] in gateway_id:
                 gateway = self.get_internet_gateway(gateway_id)
 
+        try:
+            ipaddress.IPv4Network(six.text_type(destination_cidr_block), strict=False)
+        except ValueError:
+            raise InvalidDestinationCIDRBlockParameterError(destination_cidr_block)
+
         route = Route(route_table, destination_cidr_block, local=local,
                       gateway=gateway,
                       instance=self.get_instance(

tests/test_cloudformation/test_cloudformation_stack_integration.py

@@ -2089,7 +2089,7 @@ def test_stack_kms():
 def test_stack_spot_fleet():
     conn = boto3.client('ec2', 'us-east-1')
 
-    vpc = conn.create_vpc(CidrBlock="10.0.0.0/8")['Vpc']
+    vpc = conn.create_vpc(CidrBlock="10.0.0.0/16")['Vpc']
     subnet = conn.create_subnet(
         VpcId=vpc['VpcId'], CidrBlock='10.0.0.0/16', AvailabilityZone='us-east-1a')['Subnet']
     subnet_id = subnet['SubnetId']
@@ -2173,7 +2173,7 @@ def test_stack_spot_fleet():
 def test_stack_spot_fleet_should_figure_out_default_price():
     conn = boto3.client('ec2', 'us-east-1')
 
-    vpc = conn.create_vpc(CidrBlock="10.0.0.0/8")['Vpc']
+    vpc = conn.create_vpc(CidrBlock="10.0.0.0/16")['Vpc']
     subnet = conn.create_subnet(
         VpcId=vpc['VpcId'], CidrBlock='10.0.0.0/16', AvailabilityZone='us-east-1a')['Subnet']
     subnet_id = subnet['SubnetId']

tests/test_ec2/test_network_acls.py

@@ -28,7 +28,7 @@ def test_new_subnet_associates_with_default_network_acl():
     conn = boto.connect_vpc('the_key', 'the secret')
     vpc = conn.get_all_vpcs()[0]
 
-    subnet = conn.create_subnet(vpc.id, "10.0.0.0/18")
+    subnet = conn.create_subnet(vpc.id, "172.31.48.0/20")
     all_network_acls = conn.get_all_network_acls()
     all_network_acls.should.have.length_of(1)
 

tests/test_ec2/test_route_tables.py

@@ -6,6 +6,7 @@ from nose.tools import assert_raises
 import boto
 import boto3
 from boto.exception import EC2ResponseError
+from botocore.exceptions import ClientError
 import sure  # noqa
 
 from moto import mock_ec2, mock_ec2_deprecated
@@ -528,3 +529,26 @@ def test_network_acl_tagging():
                             if na.id == route_table.id)
     test_route_table.tags.should.have.length_of(1)
     test_route_table.tags["a key"].should.equal("some value")
+
+
+@mock_ec2
+def test_create_route_with_invalid_destination_cidr_block_parameter():
+    ec2 = boto3.resource('ec2', region_name='us-west-1')
+
+    vpc = ec2.create_vpc(CidrBlock='10.0.0.0/16')
+    vpc.reload()
+    vpc.is_default.shouldnt.be.ok
+
+    route_table = ec2.create_route_table(VpcId=vpc.id)
+    route_table.reload()
+
+    internet_gateway = ec2.create_internet_gateway()
+    vpc.attach_internet_gateway(InternetGatewayId=internet_gateway.id)
+    internet_gateway.reload()
+
+    destination_cidr_block = '1000.1.0.0/20'
+    with assert_raises(ClientError) as ex:
+        route = route_table.create_route(DestinationCidrBlock=destination_cidr_block, GatewayId=internet_gateway.id)
+    str(ex.exception).should.equal(
+        "An error occurred (InvalidParameterValue) when calling the CreateRoute "
+        "operation: Value ({}) for parameter destinationCidrBlock is invalid. This is not a valid CIDR block.".format(destination_cidr_block))

tests/test_ec2/test_security_groups.py

@@ -501,7 +501,7 @@ def test_sec_group_rule_limit_vpc():
     ec2_conn = boto.connect_ec2()
     vpc_conn = boto.connect_vpc()
 
-    vpc = vpc_conn.create_vpc('10.0.0.0/8')
+    vpc = vpc_conn.create_vpc('10.0.0.0/16')
 
     sg = ec2_conn.create_security_group('test', 'test', vpc_id=vpc.id)
     other_sg = ec2_conn.create_security_group('test_2', 'test', vpc_id=vpc.id)

tests/test_ec2/test_spot_fleet.py

@@ -7,7 +7,7 @@ from moto import mock_ec2
 
 
 def get_subnet_id(conn):
-    vpc = conn.create_vpc(CidrBlock="10.0.0.0/8")['Vpc']
+    vpc = conn.create_vpc(CidrBlock="10.0.0.0/16")['Vpc']
     subnet = conn.create_subnet(
         VpcId=vpc['VpcId'], CidrBlock='10.0.0.0/16', AvailabilityZone='us-east-1a')['Subnet']
     subnet_id = subnet['SubnetId']

tests/test_ec2/test_spot_instances.py

@@ -17,7 +17,7 @@ from moto.core.utils import iso_8601_datetime_with_milliseconds
 @mock_ec2
 def test_request_spot_instances():
     conn = boto3.client('ec2', 'us-east-1')
-    vpc = conn.create_vpc(CidrBlock="10.0.0.0/8")['Vpc']
+    vpc = conn.create_vpc(CidrBlock="10.0.0.0/16")['Vpc']
     subnet = conn.create_subnet(
         VpcId=vpc['VpcId'], CidrBlock='10.0.0.0/16', AvailabilityZone='us-east-1a')['Subnet']
     subnet_id = subnet['SubnetId']

tests/test_ec2/test_subnets.py

@@ -7,7 +7,7 @@ import boto3
 import boto
 import boto.vpc
 from boto.exception import EC2ResponseError
-from botocore.exceptions import ParamValidationError
+from botocore.exceptions import ParamValidationError, ClientError
 import json
 import sure  # noqa
 
@@ -84,7 +84,7 @@ def test_default_subnet():
     default_vpc.is_default.should.be.ok
 
     subnet = ec2.create_subnet(
-        VpcId=default_vpc.id, CidrBlock='172.31.0.0/20', AvailabilityZone='us-west-1a')
+        VpcId=default_vpc.id, CidrBlock='172.31.48.0/20', AvailabilityZone='us-west-1a')
     subnet.reload()
     subnet.map_public_ip_on_launch.shouldnt.be.ok
 
@@ -126,7 +126,7 @@ def test_modify_subnet_attribute():
     vpc = list(ec2.vpcs.all())[0]
 
     subnet = ec2.create_subnet(
-        VpcId=vpc.id, CidrBlock='10.0.0.0/24', AvailabilityZone='us-west-1a')
+        VpcId=vpc.id, CidrBlock="172.31.48.0/20", AvailabilityZone='us-west-1a')
 
     # 'map_public_ip_on_launch' is set when calling 'DescribeSubnets' action
     subnet.reload()
@@ -289,3 +289,52 @@ def test_subnet_tags_through_cloudformation():
     subnet = vpc_conn.get_all_subnets(filters={'cidrBlock': '10.0.0.0/24'})[0]
     subnet.tags["foo"].should.equal("bar")
     subnet.tags["blah"].should.equal("baz")
+
+
+@mock_ec2
+def test_create_subnet_with_invalid_cidr_range():
+    ec2 = boto3.resource('ec2', region_name='us-west-1')
+
+    vpc = ec2.create_vpc(CidrBlock='10.0.0.0/16')
+    vpc.reload()
+    vpc.is_default.shouldnt.be.ok
+
+    subnet_cidr_block = '10.1.0.0/20'
+    with assert_raises(ClientError) as ex:
+        subnet = ec2.create_subnet(VpcId=vpc.id, CidrBlock=subnet_cidr_block)
+    str(ex.exception).should.equal(
+        "An error occurred (InvalidSubnet.Range) when calling the CreateSubnet "
+        "operation: The CIDR '{}' is invalid.".format(subnet_cidr_block))
+
+
+@mock_ec2
+def test_create_subnet_with_invalid_cidr_block_parameter():
+    ec2 = boto3.resource('ec2', region_name='us-west-1')
+
+    vpc = ec2.create_vpc(CidrBlock='10.0.0.0/16')
+    vpc.reload()
+    vpc.is_default.shouldnt.be.ok
+
+    subnet_cidr_block = '1000.1.0.0/20'
+    with assert_raises(ClientError) as ex:
+        subnet = ec2.create_subnet(VpcId=vpc.id, CidrBlock=subnet_cidr_block)
+    str(ex.exception).should.equal(
+        "An error occurred (InvalidParameterValue) when calling the CreateSubnet "
+        "operation: Value ({}) for parameter cidrBlock is invalid. This is not a valid CIDR block.".format(subnet_cidr_block))
+
+
+@mock_ec2
+def test_create_subnets_with_overlapping_cidr_blocks():
+    ec2 = boto3.resource('ec2', region_name='us-west-1')
+
+    vpc = ec2.create_vpc(CidrBlock='10.0.0.0/16')
+    vpc.reload()
+    vpc.is_default.shouldnt.be.ok
+
+    subnet_cidr_block = '10.0.0.0/24'
+    with assert_raises(ClientError) as ex:
+        subnet1 = ec2.create_subnet(VpcId=vpc.id, CidrBlock=subnet_cidr_block)
+        subnet2 = ec2.create_subnet(VpcId=vpc.id, CidrBlock=subnet_cidr_block)
+    str(ex.exception).should.equal(
+        "An error occurred (InvalidSubnet.Conflict) when calling the CreateSubnet "
+        "operation: The CIDR '{}' conflicts with another subnet".format(subnet_cidr_block))

tests/test_ec2/test_vpcs.py

@@ -539,3 +539,27 @@ def test_ipv6_cidr_block_association_filters():
     filtered_vpcs = list(ec2.vpcs.filter(Filters=[{'Name': 'ipv6-cidr-block-association.state',
                                                    'Values': ['associated']}]))
     filtered_vpcs.should.be.length_of(2)   # 2 of 4 VPCs
+
+
+@mock_ec2
+def test_create_vpc_with_invalid_cidr_block_parameter():
+    ec2 = boto3.resource('ec2', region_name='us-west-1')
+
+    vpc_cidr_block = '1000.1.0.0/20'
+    with assert_raises(ClientError) as ex:
+        vpc = ec2.create_vpc(CidrBlock=vpc_cidr_block)
+    str(ex.exception).should.equal(
+        "An error occurred (InvalidParameterValue) when calling the CreateVpc "
+        "operation: Value ({}) for parameter cidrBlock is invalid. This is not a valid CIDR block.".format(vpc_cidr_block))
+
+
+@mock_ec2
+def test_create_vpc_with_invalid_cidr_range():
+    ec2 = boto3.resource('ec2', region_name='us-west-1')
+
+    vpc_cidr_block = '10.1.0.0/29'
+    with assert_raises(ClientError) as ex:
+        vpc = ec2.create_vpc(CidrBlock=vpc_cidr_block)
+    str(ex.exception).should.equal(
+        "An error occurred (InvalidVpc.Range) when calling the CreateVpc "
+        "operation: The CIDR '{}' is invalid.".format(vpc_cidr_block))

tests/test_elbv2/test_elbv2.py

@@ -27,7 +27,7 @@ def test_create_load_balancer():
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='us-east-1b')
 
     response = conn.create_load_balancer(
@@ -69,7 +69,7 @@ def test_describe_load_balancers():
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='us-east-1b')
 
     conn.create_load_balancer(
@@ -112,7 +112,7 @@ def test_add_remove_tags():
     vpc = ec2.create_vpc(CidrBlock='172.28.7.0/24', InstanceTenancy='default')
     subnet1 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
@@ -234,7 +234,7 @@ def test_create_elb_in_multiple_region():
             InstanceTenancy='default')
         subnet1 = ec2.create_subnet(
             VpcId=vpc.id,
-            CidrBlock='172.28.7.192/26',
+            CidrBlock='172.28.7.0/26',
             AvailabilityZone=region + 'a')
         subnet2 = ec2.create_subnet(
             VpcId=vpc.id,
@@ -275,7 +275,7 @@ def test_create_target_group_and_listeners():
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='us-east-1b')
 
     response = conn.create_load_balancer(
@@ -434,7 +434,7 @@ def test_create_target_group_without_non_required_parameters():
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='us-east-1b')
 
     response = conn.create_load_balancer(
@@ -538,7 +538,7 @@ def test_describe_paginated_balancers():
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='us-east-1b')
 
     for i in range(51):
@@ -573,7 +573,7 @@ def test_delete_load_balancer():
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='us-east-1b')
 
     response = conn.create_load_balancer(
@@ -606,7 +606,7 @@ def test_register_targets():
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='us-east-1b')
 
     conn.create_load_balancer(
@@ -682,7 +682,7 @@ def test_target_group_attributes():
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='us-east-1b')
 
     response = conn.create_load_balancer(
@@ -773,7 +773,7 @@ def test_handle_listener_rules():
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='us-east-1b')
 
     response = conn.create_load_balancer(
@@ -1078,7 +1078,7 @@ def test_describe_invalid_target_group():
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='us-east-1b')
 
     response = conn.create_load_balancer(
@@ -1124,7 +1124,7 @@ def test_describe_target_groups_no_arguments():
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='us-east-1b')
 
     response = conn.create_load_balancer(
@@ -1188,7 +1188,7 @@ def test_set_ip_address_type():
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='us-east-1b')
 
     response = client.create_load_balancer(
@@ -1238,7 +1238,7 @@ def test_set_security_groups():
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='us-east-1b')
 
     response = client.create_load_balancer(
@@ -1275,11 +1275,11 @@ def test_set_subnets():
     vpc = ec2.create_vpc(CidrBlock='172.28.7.0/24', InstanceTenancy='default')
     subnet1 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.64/26',
         AvailabilityZone='us-east-1b')
     subnet3 = ec2.create_subnet(
         VpcId=vpc.id,
@@ -1332,7 +1332,7 @@ def test_set_subnets():
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='us-east-1b')
 
     response = client.create_load_balancer(
@@ -1421,7 +1421,7 @@ def test_modify_listener_http_to_https():
         AvailabilityZone='eu-central-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='eu-central-1b')
 
     response = client.create_load_balancer(
@@ -1603,7 +1603,7 @@ def test_redirect_action_listener_rule():
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.128/26',
         AvailabilityZone='us-east-1b')
 
     response = conn.create_load_balancer(

tests/test_rds/test_rds.py

@@ -174,8 +174,8 @@ def test_add_security_group_to_database():
 def test_add_database_subnet_group():
     vpc_conn = boto.vpc.connect_to_region("us-west-2")
     vpc = vpc_conn.create_vpc("10.0.0.0/16")
-    subnet1 = vpc_conn.create_subnet(vpc.id, "10.1.0.0/24")
+    subnet1 = vpc_conn.create_subnet(vpc.id, "10.0.1.0/24")
-    subnet2 = vpc_conn.create_subnet(vpc.id, "10.2.0.0/24")
+    subnet2 = vpc_conn.create_subnet(vpc.id, "10.0.2.0/24")
 
     subnet_ids = [subnet1.id, subnet2.id]
     conn = boto.rds.connect_to_region("us-west-2")
@@ -191,7 +191,7 @@ def test_add_database_subnet_group():
 def test_describe_database_subnet_group():
     vpc_conn = boto.vpc.connect_to_region("us-west-2")
     vpc = vpc_conn.create_vpc("10.0.0.0/16")
-    subnet = vpc_conn.create_subnet(vpc.id, "10.1.0.0/24")
+    subnet = vpc_conn.create_subnet(vpc.id, "10.0.1.0/24")
 
     conn = boto.rds.connect_to_region("us-west-2")
     conn.create_db_subnet_group("db_subnet1", "my db subnet", [subnet.id])
@@ -209,7 +209,7 @@ def test_describe_database_subnet_group():
 def test_delete_database_subnet_group():
     vpc_conn = boto.vpc.connect_to_region("us-west-2")
     vpc = vpc_conn.create_vpc("10.0.0.0/16")
-    subnet = vpc_conn.create_subnet(vpc.id, "10.1.0.0/24")
+    subnet = vpc_conn.create_subnet(vpc.id, "10.0.1.0/24")
 
     conn = boto.rds.connect_to_region("us-west-2")
     conn.create_db_subnet_group("db_subnet1", "my db subnet", [subnet.id])
@@ -227,7 +227,7 @@ def test_delete_database_subnet_group():
 def test_create_database_in_subnet_group():
     vpc_conn = boto.vpc.connect_to_region("us-west-2")
     vpc = vpc_conn.create_vpc("10.0.0.0/16")
-    subnet = vpc_conn.create_subnet(vpc.id, "10.1.0.0/24")
+    subnet = vpc_conn.create_subnet(vpc.id, "10.0.1.0/24")
 
     conn = boto.rds.connect_to_region("us-west-2")
     conn.create_db_subnet_group("db_subnet1", "my db subnet", [subnet.id])

tests/test_rds2/test_rds2.py

@@ -1045,9 +1045,9 @@ def test_create_database_subnet_group():
     vpc_conn = boto3.client('ec2', 'us-west-2')
     vpc = vpc_conn.create_vpc(CidrBlock='10.0.0.0/16')['Vpc']
     subnet1 = vpc_conn.create_subnet(
-        VpcId=vpc['VpcId'], CidrBlock='10.1.0.0/24')['Subnet']
+        VpcId=vpc['VpcId'], CidrBlock='10.0.1.0/24')['Subnet']
     subnet2 = vpc_conn.create_subnet(
-        VpcId=vpc['VpcId'], CidrBlock='10.1.0.0/26')['Subnet']
+        VpcId=vpc['VpcId'], CidrBlock='10.0.2.0/24')['Subnet']
 
     subnet_ids = [subnet1['SubnetId'], subnet2['SubnetId']]
     conn = boto3.client('rds', region_name='us-west-2')
@@ -1069,7 +1069,7 @@ def test_create_database_in_subnet_group():
     vpc_conn = boto3.client('ec2', 'us-west-2')
     vpc = vpc_conn.create_vpc(CidrBlock='10.0.0.0/16')['Vpc']
     subnet = vpc_conn.create_subnet(
-        VpcId=vpc['VpcId'], CidrBlock='10.1.0.0/24')['Subnet']
+        VpcId=vpc['VpcId'], CidrBlock='10.0.1.0/24')['Subnet']
 
     conn = boto3.client('rds', region_name='us-west-2')
     conn.create_db_subnet_group(DBSubnetGroupName='db_subnet1',
@@ -1094,7 +1094,7 @@ def test_describe_database_subnet_group():
     vpc_conn = boto3.client('ec2', 'us-west-2')
     vpc = vpc_conn.create_vpc(CidrBlock='10.0.0.0/16')['Vpc']
     subnet = vpc_conn.create_subnet(
-        VpcId=vpc['VpcId'], CidrBlock='10.1.0.0/24')['Subnet']
+        VpcId=vpc['VpcId'], CidrBlock='10.0.1.0/24')['Subnet']
 
     conn = boto3.client('rds', region_name='us-west-2')
     conn.create_db_subnet_group(DBSubnetGroupName="db_subnet1",
@@ -1123,7 +1123,7 @@ def test_delete_database_subnet_group():
     vpc_conn = boto3.client('ec2', 'us-west-2')
     vpc = vpc_conn.create_vpc(CidrBlock='10.0.0.0/16')['Vpc']
     subnet = vpc_conn.create_subnet(
-        VpcId=vpc['VpcId'], CidrBlock='10.1.0.0/24')['Subnet']
+        VpcId=vpc['VpcId'], CidrBlock='10.0.1.0/24')['Subnet']
 
     conn = boto3.client('rds', region_name='us-west-2')
     result = conn.describe_db_subnet_groups()
@@ -1149,7 +1149,7 @@ def test_list_tags_database_subnet_group():
     vpc_conn = boto3.client('ec2', 'us-west-2')
     vpc = vpc_conn.create_vpc(CidrBlock='10.0.0.0/16')['Vpc']
     subnet = vpc_conn.create_subnet(
-        VpcId=vpc['VpcId'], CidrBlock='10.1.0.0/24')['Subnet']
+        VpcId=vpc['VpcId'], CidrBlock='10.0.1.0/24')['Subnet']
 
     conn = boto3.client('rds', region_name='us-west-2')
     result = conn.describe_db_subnet_groups()
@@ -1176,7 +1176,7 @@ def test_add_tags_database_subnet_group():
     vpc_conn = boto3.client('ec2', 'us-west-2')
     vpc = vpc_conn.create_vpc(CidrBlock='10.0.0.0/16')['Vpc']
     subnet = vpc_conn.create_subnet(
-        VpcId=vpc['VpcId'], CidrBlock='10.1.0.0/24')['Subnet']
+        VpcId=vpc['VpcId'], CidrBlock='10.0.1.0/24')['Subnet']
 
     conn = boto3.client('rds', region_name='us-west-2')
     result = conn.describe_db_subnet_groups()
@@ -1207,7 +1207,7 @@ def test_remove_tags_database_subnet_group():
     vpc_conn = boto3.client('ec2', 'us-west-2')
     vpc = vpc_conn.create_vpc(CidrBlock='10.0.0.0/16')['Vpc']
     subnet = vpc_conn.create_subnet(
-        VpcId=vpc['VpcId'], CidrBlock='10.1.0.0/24')['Subnet']
+        VpcId=vpc['VpcId'], CidrBlock='10.0.1.0/24')['Subnet']
 
     conn = boto3.client('rds', region_name='us-west-2')
     result = conn.describe_db_subnet_groups()

tests/test_resourcegroupstaggingapi/test_resourcegroupstaggingapi.py

@@ -239,7 +239,7 @@ def test_get_resources_elbv2():
         AvailabilityZone='us-east-1a')
     subnet2 = ec2.create_subnet(
         VpcId=vpc.id,
-        CidrBlock='172.28.7.192/26',
+        CidrBlock='172.28.7.0/26',
         AvailabilityZone='us-east-1b')
 
     conn.create_load_balancer(