Comment 4 for bug 1006878

Avinash Prasad (avinash-prasad) wrote :

Have been working on the above issue and came across this case, so would require some pointers/views on this. When I execute the command,

euca-authorize -P udp -o test1 test2

I get the following output:
GROUP test2
PERMISSION test2 ALLOWS udp GRPNAME test1 FROM CIDR 0.0.0.0/0

The custom rule of tcp is added to group test2 even without mentioning the -p (port number) switch as per the EC2 docs here,

http://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/ApiReference-cmd-AuthorizeSecurityGroupIngress.html

Whenever the protocol udp/tcp is to be added, one needs to mention the port number (-p) as well. Keeping that in mind, in the above example no port number has been mentioned and still the rule gets added.

An example from the EC2 docs highlighting the addition of custom rules is as follows (taken from the above link):

PROMPT> ec2-authorize websrv -P tcp -p 80 -u 111122223333 -o OtherAccountGroup
GROUP websrv
PERMISSION websrv ALLOWS tcp 80 80 FROM USER 111122223333 NAME OtherAccountGroup ingress

So, I believe the behavior doesn't seem to be correct as it does not comply with the EC2 API docs/specs. According to me it should raise a validation error (stating insufficient parameters are supplied).

A behavior similar to this,
euca-authorize -P tcp ntest2
EC2APIError: [] Not enough parameters to build a valid rule

It would be nice to get some viewpoints on this and views on the above situation to get a clear idea.
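
The validation the comment above asks for, as an added example that is not part of the original comment and is not euca2ools or Nova code: a tcp/udp rule without a port range is rejected instead of being stored. The function and class names are hypothetical, and the 0-65535 port bound is an assumption.

```python
# Added illustration, not project code. All names here are hypothetical.

PORT_PROTOCOLS = {"tcp", "udp"}
NOT_ENOUGH = "Not enough parameters to build a valid rule"


class RuleValidationError(ValueError):
    """Raised when a request lacks the fields needed to build a rule."""


def parse_port_range(value):
    """Parse a -p style argument: "80" -> (80, 80), "8000-8080" -> (8000, 8080)."""
    first, sep, last = value.partition("-")
    try:
        from_port = int(first)
        to_port = int(last) if sep else from_port
    except ValueError:
        raise RuleValidationError("Invalid port range: %r" % value) from None
    # Assumption: tcp/udp ports lie in 0-65535 and the range must be ordered.
    if not (0 <= from_port <= to_port <= 65535):
        raise RuleValidationError("Invalid port range: %r" % value)
    return from_port, to_port


def build_rule(group, protocol, port_range=None, source_group=None):
    """Return a rule dict, or raise rather than store a rule with no ports."""
    protocol = protocol.lower()
    if protocol in PORT_PROTOCOLS and port_range is None:
        # The case from the comment: -P udp -o test1 test2, with no -p.
        raise RuleValidationError(NOT_ENOUGH)
    rule = {"group": group, "protocol": protocol, "source_group": source_group}
    if port_range is not None:
        rule["from_port"], rule["to_port"] = parse_port_range(port_range)
    return rule


def outcome(**request):
    """Run one request and report 'ok' or the validation message."""
    try:
        build_rule(**request)
        return "ok"
    except RuleValidationError as exc:
        return str(exc)


if __name__ == "__main__":
    # Constructed requests mirroring the commands quoted in the comment.
    print(outcome(group="test2", protocol="udp", source_group="test1"))
    print(outcome(group="websrv", protocol="tcp", port_range="80",
                  source_group="OtherAccountGroup"))
```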