catalin/moto
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

VPC IPv4 validation (#2026)

Browse source 
* Implemented throwing invalid subnet range error and fixed breaking tests.

* Implemented throwing invalid CIDR block parameter error for vpcs and subnets.

* Implemented throwing invalid destination CIDR block error.

* IPv6 addresses not accepted, strict checking disabled.

* Implemented throwing invalid subnet conflict error and fixed breaking tests.

* Implemented throwing invalid VPC range error and fixed breaking tests.

* Fixed accidentally removed ).

* Fixed test case trying to create two subnets with the same CIDR range.
This commit is contained in:
Bendegúz Ács 2019-05-25 19:35:07 +02:00 committed by Terry Cain
commit f408709ef9
14 changed files with 215 additions and 45 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tests/test_ec2/test_network_acls.py
View file

@ -28,7 +28,7 @@ def test_new_subnet_associates_with_default_network_acl():
conn = boto.connect_vpc('the_key', 'the secret')
vpc = conn.get_all_vpcs()[0]
subnet = conn.create_subnet(vpc.id, "10.0.0.0/18")
subnet = conn.create_subnet(vpc.id, "172.31.48.0/20")
all_network_acls = conn.get_all_network_acls()
all_network_acls.should.have.length_of(1)

24
tests/test_ec2/test_route_tables.py
View file

@ -6,6 +6,7 @@ from nose.tools import assert_raises
import boto
import boto3
from boto.exception import EC2ResponseError
from botocore.exceptions import ClientError
import sure # noqa
from moto import mock_ec2, mock_ec2_deprecated
@ -528,3 +529,26 @@ def test_network_acl_tagging():
if na.id == route_table.id)
test_route_table.tags.should.have.length_of(1)
test_route_table.tags["a key"].should.equal("some value")
@mock_ec2
def test_create_route_with_invalid_destination_cidr_block_parameter():
ec2 = boto3.resource('ec2', region_name='us-west-1')
vpc = ec2.create_vpc(CidrBlock='10.0.0.0/16')
vpc.reload()
vpc.is_default.shouldnt.be.ok
route_table = ec2.create_route_table(VpcId=vpc.id)
route_table.reload()
internet_gateway = ec2.create_internet_gateway()
vpc.attach_internet_gateway(InternetGatewayId=internet_gateway.id)
internet_gateway.reload()
destination_cidr_block = '1000.1.0.0/20'
with assert_raises(ClientError) as ex:
route = route_table.create_route(DestinationCidrBlock=destination_cidr_block, GatewayId=internet_gateway.id)
str(ex.exception).should.equal(
"An error occurred (InvalidParameterValue) when calling the CreateRoute "
"operation: Value ({}) for parameter destinationCidrBlock is invalid. This is not a valid CIDR block.".format(destination_cidr_block))

2
tests/test_ec2/test_security_groups.py
View file

@ -501,7 +501,7 @@ def test_sec_group_rule_limit_vpc():
ec2_conn = boto.connect_ec2()
vpc_conn = boto.connect_vpc()
vpc = vpc_conn.create_vpc('10.0.0.0/8')
vpc = vpc_conn.create_vpc('10.0.0.0/16')
sg = ec2_conn.create_security_group('test', 'test', vpc_id=vpc.id)
other_sg = ec2_conn.create_security_group('test_2', 'test', vpc_id=vpc.id)

2
tests/test_ec2/test_spot_fleet.py
View file

@ -7,7 +7,7 @@ from moto import mock_ec2
def get_subnet_id(conn):
vpc = conn.create_vpc(CidrBlock="10.0.0.0/8")['Vpc']
vpc = conn.create_vpc(CidrBlock="10.0.0.0/16")['Vpc']
subnet = conn.create_subnet(
VpcId=vpc['VpcId'], CidrBlock='10.0.0.0/16', AvailabilityZone='us-east-1a')['Subnet']
subnet_id = subnet['SubnetId']

2
tests/test_ec2/test_spot_instances.py
View file

@ -17,7 +17,7 @@ from moto.core.utils import iso_8601_datetime_with_milliseconds
@mock_ec2
def test_request_spot_instances():
conn = boto3.client('ec2', 'us-east-1')
vpc = conn.create_vpc(CidrBlock="10.0.0.0/8")['Vpc']
vpc = conn.create_vpc(CidrBlock="10.0.0.0/16")['Vpc']
subnet = conn.create_subnet(
VpcId=vpc['VpcId'], CidrBlock='10.0.0.0/16', AvailabilityZone='us-east-1a')['Subnet']
subnet_id = subnet['SubnetId']

55
tests/test_ec2/test_subnets.py
View file

@ -7,7 +7,7 @@ import boto3
import boto
import boto.vpc
from boto.exception import EC2ResponseError
from botocore.exceptions import ParamValidationError
from botocore.exceptions import ParamValidationError, ClientError
import json
import sure # noqa
@ -84,7 +84,7 @@ def test_default_subnet():
default_vpc.is_default.should.be.ok
subnet = ec2.create_subnet(
VpcId=default_vpc.id, CidrBlock='172.31.0.0/20', AvailabilityZone='us-west-1a')
VpcId=default_vpc.id, CidrBlock='172.31.48.0/20', AvailabilityZone='us-west-1a')
subnet.reload()
subnet.map_public_ip_on_launch.shouldnt.be.ok
@ -126,7 +126,7 @@ def test_modify_subnet_attribute():
vpc = list(ec2.vpcs.all())[0]
subnet = ec2.create_subnet(
VpcId=vpc.id, CidrBlock='10.0.0.0/24', AvailabilityZone='us-west-1a')
VpcId=vpc.id, CidrBlock="172.31.48.0/20", AvailabilityZone='us-west-1a')
# 'map_public_ip_on_launch' is set when calling 'DescribeSubnets' action
subnet.reload()
@ -289,3 +289,52 @@ def test_subnet_tags_through_cloudformation():
subnet = vpc_conn.get_all_subnets(filters={'cidrBlock': '10.0.0.0/24'})[0]
subnet.tags["foo"].should.equal("bar")
subnet.tags["blah"].should.equal("baz")
@mock_ec2
def test_create_subnet_with_invalid_cidr_range():
ec2 = boto3.resource('ec2', region_name='us-west-1')
vpc = ec2.create_vpc(CidrBlock='10.0.0.0/16')
vpc.reload()
vpc.is_default.shouldnt.be.ok
subnet_cidr_block = '10.1.0.0/20'
with assert_raises(ClientError) as ex:
subnet = ec2.create_subnet(VpcId=vpc.id, CidrBlock=subnet_cidr_block)
str(ex.exception).should.equal(
"An error occurred (InvalidSubnet.Range) when calling the CreateSubnet "
"operation: The CIDR '{}' is invalid.".format(subnet_cidr_block))
@mock_ec2
def test_create_subnet_with_invalid_cidr_block_parameter():
ec2 = boto3.resource('ec2', region_name='us-west-1')
vpc = ec2.create_vpc(CidrBlock='10.0.0.0/16')
vpc.reload()
vpc.is_default.shouldnt.be.ok
subnet_cidr_block = '1000.1.0.0/20'
with assert_raises(ClientError) as ex:
subnet = ec2.create_subnet(VpcId=vpc.id, CidrBlock=subnet_cidr_block)
str(ex.exception).should.equal(
"An error occurred (InvalidParameterValue) when calling the CreateSubnet "
"operation: Value ({}) for parameter cidrBlock is invalid. This is not a valid CIDR block.".format(subnet_cidr_block))
@mock_ec2
def test_create_subnets_with_overlapping_cidr_blocks():
ec2 = boto3.resource('ec2', region_name='us-west-1')
vpc = ec2.create_vpc(CidrBlock='10.0.0.0/16')
vpc.reload()
vpc.is_default.shouldnt.be.ok
subnet_cidr_block = '10.0.0.0/24'
with assert_raises(ClientError) as ex:
subnet1 = ec2.create_subnet(VpcId=vpc.id, CidrBlock=subnet_cidr_block)
subnet2 = ec2.create_subnet(VpcId=vpc.id, CidrBlock=subnet_cidr_block)
str(ex.exception).should.equal(
"An error occurred (InvalidSubnet.Conflict) when calling the CreateSubnet "
"operation: The CIDR '{}' conflicts with another subnet".format(subnet_cidr_block))

24
tests/test_ec2/test_vpcs.py
View file

@ -539,3 +539,27 @@ def test_ipv6_cidr_block_association_filters():
filtered_vpcs = list(ec2.vpcs.filter(Filters=[{'Name': 'ipv6-cidr-block-association.state',
'Values': ['associated']}]))
filtered_vpcs.should.be.length_of(2) # 2 of 4 VPCs
@mock_ec2
def test_create_vpc_with_invalid_cidr_block_parameter():
ec2 = boto3.resource('ec2', region_name='us-west-1')
vpc_cidr_block = '1000.1.0.0/20'
with assert_raises(ClientError) as ex:
vpc = ec2.create_vpc(CidrBlock=vpc_cidr_block)
str(ex.exception).should.equal(
"An error occurred (InvalidParameterValue) when calling the CreateVpc "
"operation: Value ({}) for parameter cidrBlock is invalid. This is not a valid CIDR block.".format(vpc_cidr_block))
@mock_ec2
def test_create_vpc_with_invalid_cidr_range():
ec2 = boto3.resource('ec2', region_name='us-west-1')
vpc_cidr_block = '10.1.0.0/29'
with assert_raises(ClientError) as ex:
vpc = ec2.create_vpc(CidrBlock=vpc_cidr_block)
str(ex.exception).should.equal(
"An error occurred (InvalidVpc.Range) when calling the CreateVpc "
"operation: The CIDR '{}' is invalid.".format(vpc_cidr_block))