commit d444a9511b4d35867dcdd40c96313cef4a36ec83
Author: Pratik Shah <email address hidden>
Date: Wed Aug 9 13:14:45 2017 +0530
[AWS] Fixed Security Group Creation Issues
Issues:
1. Security Group created using Openstack API, creates 2 outbound rules
(1 for IPv4 and 1 for IPv6) and no inbound rules. Hence the rule_dict
that was getting created contained same data for both outbound rules.
Hence while authorization of egress direction, it was throwing error
"ClientError: The same permission must not appear multiple times"
2. Since there are no inbound rules in security group, empty list was
passed to AuthorizeSecurityGroupIngress operation. Hence it was raising
"ClientError: Missing source specification: include source security group
or CIDR information".
3. While updating the security group which was created using API, I was
seeing error: "ClientError: Missing source specification: include source
security group or CIDR information" as there were no inbound rules.
Fixes:
1. Added a check for IPv4 ether type in "_convert_openstack_rules_to_vpc()"
2. Moved authorization for ingress inside if block
Reviewed: https:/ /review. openstack. org/492022 /git.openstack. org/cgit/ openstack/ omni/commit/ ?id=d444a9511b4 d35867dcdd40c96 313cef4a36ec83
Committed: https:/
Submitter: Jenkins
Branch: master
commit d444a9511b4d358 67dcdd40c96313c ef4a36ec83
Author: Pratik Shah <email address hidden>
Date: Wed Aug 9 13:14:45 2017 +0530
[AWS] Fixed Security Group Creation Issues
Issues:
1. Security Group created using Openstack API, creates 2 outbound rules
(1 for IPv4 and 1 for IPv6) and no inbound rules. Hence the rule_dict
that was getting created contained same data for both outbound rules.
Hence while authorization of egress direction, it was throwing error
"ClientError: The same permission must not appear multiple times"
2. Since there are no inbound rules in security group, empty list was tyGroupIngress operation. Hence it was raising
passed to AuthorizeSecuri
"ClientError: Missing source specification: include source security group
or CIDR information".
3. While updating the security group which was created using API, I was
seeing error: "ClientError: Missing source specification: include source
security group or CIDR information" as there were no inbound rules.
Fixes: openstack_ rules_to_ vpc()"
1. Added a check for IPv4 ether type in "_convert_
2. Moved authorization for ingress inside if block
3. Added checks in "_update_ sec_group( )"
Closes-Bug: #1709545
Change-Id: I4e4acad4da3b09 5e7a8951abbfb94 f1b0d9c7e41