Commit Graph

63 Commits

Author SHA1 Message Date
Mohit Alonja
2f26e870b8
SecurityGroup Improvements (#4239) 2021-09-04 17:08:18 +01:00
Mohit Alonja
11a37c357b
SecurityGroup Improvements (#4183) 2021-08-26 19:57:07 +01:00
Bert Blommers
574053cb27
EC2 - Improve/Extend RouteTable unit tests (#4165) 2021-08-11 18:50:15 +01:00
Brian Pandola
463472c2b2
Make security rules consistent between direct (backend) and indirect (api) boundaries (#3817)
* Make security rules consistent between direct (backend) and indirect (api) boundaries

Security rules added directly via the backend were unable to be revoked via the API
because the port values were being stored as strings but were always coerced back
to integers by the botocore model.  `"0" != 0`, so the rules would never match,
raising an `InvalidPermissionNotFoundError`.

This change ensures that the port values for a security group rule are always of type
`Union[int, None]`.

No tests needed to be modified as a result of this change.  A new test was added that
explicitly covers the behavior that had been failing.

* Skip test in server mode
2021-03-31 19:33:36 +01:00
Brian Pandola
1761be46e3
Return error when trying to add rules to a non-existent security group (#3802)
Behavior and error code/message confirmed against real AWS backend.
2021-03-26 13:00:51 +00:00
Brian Pandola
2bae7e4e0d
Raise error when adding duplicate egress rule to ec2:SecurityGroup (#3801)
The `InvalidPermission.Duplicate` error was already implemented for inbound rules,
but AWS also returns this error for duplicate outbound rules.

Very minor changes were needed on existing tests that were adding duplicate
outbound rules (when testing the RulesPerSecurityGroupLimitExceeded error).
2021-03-26 11:23:07 +00:00
Bert Blommers
737636f9df
Tech debt (#3653) 2021-02-02 16:31:26 +00:00
Bert Blommers
0f32f3c50c
#3542 - CloudFormation - Fix SecurityGroup ingress rules (#3553) 2021-01-13 13:36:56 +00:00
Matěj Cepl
ea489bce6c Finish porting from nose to pytest. 2020-11-10 08:25:05 +01:00
Matěj Cepl
77dc60ea97 Port test suite from nose to pytest.
This just eliminates all errors on the tests collection. Elimination of
failures is left to the next commit.
2020-11-10 08:23:44 +01:00
jmbollard
2a27e457bf
Security group egress ip permissions fix (#3250)
* Add support for Description in egress rule response

* Update SecurityGroup default egress rule ip range

* Remove extra commas

* Remove extra commas

* Lower docker package in Travis

* Add more lambda vars per PR 3247

* Remove code added in 3247

* Add tests for egress rules with Descriptions

* Reformat based on black

Co-authored-by: spillin <jmbollard@me.com>
2020-08-26 14:27:45 +01:00
usmangani1
a7ddcd7da3
Fix:EC2-authorize_security_group_ingress- add description to IP-Ranges (#3196)
* Fix:EC2-authorize_security_group_ingress- add description to IP-Ranges

* Fix:EC2-authorize_security_group_ingress- add test when description is not present.

* part commit

* Fix:fixed build errors

* Linting

* Allow for Python2 string/unicodes

Co-authored-by: usmankb <usman@krazybee.com>
Co-authored-by: Bert Blommers <info@bertblommers.nl>
2020-08-04 06:50:57 +01:00
aimannajjar
639c1abcb4 clarifying comment in test case 2020-03-01 08:23:31 -05:00
aimannajjar
5b9b965647 [ec2-sg] added logic to create a second default egress rule for ipv6 2020-02-29 21:05:05 -05:00
gruebel
5895231b5c Fix ec2.revoke_security_group_egress for IpProtocol -1 2019-11-24 17:17:53 +01:00
Asher Foa
96e5b1993d Run black on moto & test directories. 2019-10-31 10:36:05 -07:00
Bendegúz Ács
f408709ef9 VPC IPv4 validation (#2026)
* Implemented throwing invalid subnet range error and fixed breaking tests.

* Implemented throwing invalid CIDR block parameter error for vpcs and subnets.

* Implemented throwing invalid destination CIDR block error.

* IPv6 addresses not accepted, strict checking disabled.

* Implemented throwing invalid subnet conflict error and fixed breaking tests.

* Implemented throwing invalid VPC range error and fixed breaking tests.

* Fixed accidentally removed ).

* Fixed test case trying to create two subnets with the same CIDR range.
2019-05-25 18:35:07 +01:00
Steve Pulec
af8697c9a7 Fix security group rules for single rule case. Closes #1522. 2018-04-13 15:03:07 -04:00
William Johansson
88fb732302 Support wildcard tag filters on SecurityGroups 2017-10-06 21:55:01 +02:00
Nuwan Goonasekera
298772ca92 Raise InvalidGroup.NotFound in DescribeSecurityGroups 2017-09-18 19:51:01 +05:30
Steve Pulec
f37bad0e00 Lints. 2017-02-23 21:37:43 -05:00
Steve Pulec
81836b6981 Get standalone server mode working for all tests. 2017-02-23 19:43:48 -05:00
Steve Pulec
fde721bed7 Testing new version of decorator. 2017-02-15 22:35:45 -05:00
David Wilcox
012dd497f2 make get_all_security_groups filter AND match group ids, not OR them (#822) 2017-02-08 21:29:37 -05:00
costypetrisor
a967ec0d39 made the Security Group backend throw the same error as AWS if the nb of sec groups limit is hit (#742)
* made the Security Group backend throw the same error as AWS if the security group limit is hit

* included in the security group limit the count of grants to other security groups & updated the unit tests to cover these

* refactored a few things about the sec group rule count limit
2017-01-18 21:37:55 -05:00
Steve Pulec
a292150087 Throw exception if same security group rule added twice. Closes #737. 2017-01-11 22:35:27 -05:00
Taro Sato
02324ad708 Add more availability regions and implement default VPC (#773)
Fix filter name for availability zone

Fix bug assuming dict keys are ordered

Fix tests

Fix tests

Fix bug
2017-01-11 20:37:57 -05:00
Costy Petrisor
8689b40d23 made the security group endpoints that authorize or revoke firewall rules
to support batch rules (boto doesn't expose this, but botocore/boto3 does)
2016-10-20 19:34:11 +00:00
Costy Petrisor
6f622b9689 an unit test for the bulk authorization and revokation of security group
rules
2016-10-20 18:14:22 +00:00
rocky4570fft
d6f76cbb43 Add dry_run to a number of EC2 services 2016-10-16 00:34:52 +10:00
Paul Cieslar
8e6dd13738 Addition of region to test_security_group_tagging_boto3 2016-06-23 12:38:17 +01:00
Paul Cieslar
35d200c420 Update to test for security group tagging
Support for describe_security_groups() in boto3
2016-06-23 12:03:29 +01:00
Adam Romanek
b32fbf090a Fix security group ingress authorization for all protocols with no port spec 2016-04-26 11:00:04 +02:00
Yann Lambret
232b832563 Change type for IpProtocol key 2016-04-20 23:21:39 +02:00
Yann Lambret
f9267cff6c Fix egress rules management to autorize or revoke a security group 2016-04-20 23:01:09 +02:00
Yann Lambret
de68c94a0a Add the default outboud rule for security groups 2016-04-19 23:50:46 +02:00
kevgliss
6bc4a8b38a Adds support for authorizing and revoking egress permissions 2016-01-15 12:36:11 -08:00
Steve Pulec
6c9bba2ca1 Cleanup EC2 classic default security group. 2015-03-14 18:50:41 -04:00
Hugo Lopes Tavares
20d8318997 Add support to tag filtering to Security Groups 2015-02-24 17:56:26 -05:00
Steve Pulec
5ededbb297 Fix security group tags. Closes #301. 2015-02-14 08:57:14 -05:00
Joseph Lawson
b9f747fb4f test ip_ranges when authorizing security group ingress rules 2014-10-06 14:49:37 -04:00
Shawn Falkner-Horine
3f266ebc2b Security Groups: Fix for filtering support. 2014-09-10 09:42:38 -07:00
Rory-Finnegan
665beda466 Added support to get_all_security_groups endpoint to actually filter groups.
- Filters by groupnames, group_ids and a filters. However, the filters option doesn't
   support owner-id and tags since neither attribute was readily available via the SecurityGroup object.

 - Also included a basic test to confirm it works.
2014-09-03 16:57:51 -04:00
David Baumgold
4201e6b430 from __future__ import unicode_literals 2014-08-27 11:33:55 -04:00
Shawn Falkner-Horine
c97417d8e7 Error handling: Model-level validations, proper error responses. (backport assert_raises as context manager for Python 2.6) 2014-08-25 15:09:38 -07:00
Shawn Falkner-Horine
071c03e216 Error handling: Model-level validations, proper error responses. 2014-08-25 10:54:47 -07:00
Steve Pulec
06481ebe7e Require a GroupDescription for security group creation. Closes #112. 2014-05-11 17:37:00 -04:00
Steve Pulec
8182b3baa8 Extend security group testing for VPC. 2014-05-11 17:13:48 -04:00
Jon Haddad
77ab6d2022 removed unnecessary itertools chain.
added success test case around authorize & revoke
2014-03-21 13:31:00 -07:00
Jon Haddad
cbdc8ba183 We're getting back the correct group from get_security_group_from_id,
but hitting another issue with the source_group_name also using an id
rather than a name
2014-03-20 17:26:08 -07:00