Bug fix for default network ACL entries (#2056)
* Fixed a bug where default network ACL entries could not be deleted. * Implemented throwing error when a network entry with the same rule number and egress value already exists. * Fixed syntax errors. * Added socket.timeout to possibly raised exceptions in wait_for for Python 3.
This commit is contained in:
Bendegúz Ács
Terry Cain
parent
7271fb9391
commit
21917c4b93
4 changed files with 55 additions and 6 deletions
|
|
@ -2,6 +2,8 @@ from __future__ import unicode_literals
|
|||
import boto
|
||||
import boto3
|
||||
import sure # noqa
|
||||
from nose.tools import assert_raises
|
||||
from botocore.exceptions import ClientError
|
||||
|
||||
from moto import mock_ec2_deprecated, mock_ec2
|
||||
|
||||
|
|
@ -214,3 +216,37 @@ def test_default_network_acl_default_entries():
|
|||
unique_entries.append(entry)
|
||||
|
||||
unique_entries.should.have.length_of(4)
|
||||
|
||||
|
||||
@mock_ec2
|
||||
def test_delete_default_network_acl_default_entry():
|
||||
ec2 = boto3.resource('ec2', region_name='us-west-1')
|
||||
default_network_acl = next(iter(ec2.network_acls.all()), None)
|
||||
default_network_acl.is_default.should.be.ok
|
||||
|
||||
default_network_acl.entries.should.have.length_of(4)
|
||||
first_default_network_acl_entry = default_network_acl.entries[0]
|
||||
|
||||
default_network_acl.delete_entry(Egress=first_default_network_acl_entry['Egress'],
|
||||
RuleNumber=first_default_network_acl_entry['RuleNumber'])
|
||||
|
||||
default_network_acl.entries.should.have.length_of(3)
|
||||
|
||||
|
||||
@mock_ec2
|
||||
def test_duplicate_network_acl_entry():
|
||||
ec2 = boto3.resource('ec2', region_name='us-west-1')
|
||||
default_network_acl = next(iter(ec2.network_acls.all()), None)
|
||||
default_network_acl.is_default.should.be.ok
|
||||
|
||||
rule_number = 200
|
||||
egress = True
|
||||
default_network_acl.create_entry(CidrBlock="0.0.0.0/0", Egress=egress, Protocol="-1", RuleAction="allow", RuleNumber=rule_number)
|
||||
|
||||
with assert_raises(ClientError) as ex:
|
||||
default_network_acl.create_entry(CidrBlock="10.0.0.0/0", Egress=egress, Protocol="-1", RuleAction="deny", RuleNumber=rule_number)
|
||||
str(ex.exception).should.equal(
|
||||
"An error occurred (NetworkAclEntryAlreadyExists) when calling the CreateNetworkAclEntry "
|
||||
"operation: The network acl entry identified by {} already exists.".format(rule_number))
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue