Adds support for authorizing and revoking egress permissions
This commit is contained in:
kevgliss
parent
defd106523
commit
6bc4a8b38a
3 changed files with 106 additions and 3 deletions
|
|
@ -152,6 +152,23 @@ def test_authorize_ip_range_and_revoke():
|
|||
security_group = conn.get_all_security_groups()[0]
|
||||
security_group.rules.should.have.length_of(0)
|
||||
|
||||
# Test for egress as well
|
||||
egress_security_group = conn.create_security_group('testegress', 'testegress', vpc_id='vpc-3432589')
|
||||
success = conn.authorize_security_group_egress(egress_security_group.id, "tcp", from_port="22", to_port="2222", cidr_ip="123.123.123.123/32")
|
||||
assert success.should.be.true
|
||||
egress_security_group = conn.get_all_security_groups(groupnames='testegress')[0]
|
||||
int(egress_security_group.rules_egress[0].to_port).should.equal(2222)
|
||||
egress_security_group.rules_egress[0].grants[0].cidr_ip.should.equal("123.123.123.123/32")
|
||||
|
||||
# Wrong Cidr should throw error
|
||||
egress_security_group.revoke.when.called_with(ip_protocol="tcp", from_port="22", to_port="2222", cidr_ip="123.123.123.122/32").should.throw(EC2ResponseError)
|
||||
|
||||
# Actually revoke
|
||||
conn.revoke_security_group_egress(egress_security_group.id, "tcp", from_port="22", to_port="2222", cidr_ip="123.123.123.123/32")
|
||||
|
||||
egress_security_group = conn.get_all_security_groups()[0]
|
||||
egress_security_group.rules_egress.should.have.length_of(0)
|
||||
|
||||
|
||||
@mock_ec2
|
||||
def test_authorize_other_group_and_revoke():
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue