Skip to content

Commit

Permalink
Cover network interface PrivateIpAddress (#3669)
Browse files Browse the repository at this point in the history 
* Cover network interface PrivateIpAddress
* Also test for AWS::EC2::NetworkInterface
  • Loading branch information
@kddejong
kddejong authored Sep 6, 2024
1 parent 149fb67 commit 05be958
Show file tree
Hide file tree
Showing 3 changed files with 95 additions and 0 deletions.
13 changes: 13 additions & 0 deletions src/cfnlint/data/schemas/extensions/aws_ec2_instance/privateipaddress.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
"NetworkInterfaces": {
"items": {
"properties": {
"PrivateIpAddress": false,
"PrivateIpAddresses": {
"items": {
"properties": {
Expand All @@ -24,6 +25,18 @@
}
},
"type": "array"
},
"PrivateIpAddresses": {
"items": {
"properties": {
"Primary": {
"enum": [
false
]
}
}
},
"type": "array"
}
}
}
Expand Down
1 change: 1 addition & 0 deletions src/cfnlint/rules/resources/ectwo/PrivateIpWithNetworkInterface.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ def __init__(self) -> None:
super().__init__(
keywords=[
"Resources/AWS::EC2::Instance/Properties",
"Resources/AWS::EC2::NetworkInterface/Properties",
],
schema_details=SchemaDetails(
module=cfnlint.data.schemas.extensions.aws_ec2_instance,
Expand Down
81 changes: 81 additions & 0 deletions test/unit/rules/resources/ec2/test_private_ip_with_network_interafce.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,51 @@ def rule():
},
[],
),
(
"Valid AWS::EC2::NetworkInterface with PrivateIpAddresses",
{
"PrivateIpAddress": "172.31.35.42",
"PrivateIpAddresses": [
{"PrivateIpAddress": "172.31.35.42", "Primary": False}
],
},
{
"path": ["Resources", "Instance", "Properties"],
},
[],
),
(
"Invalid with a private ip address in two spots",
{
"PrivateIpAddress": "172.31.35.42",
"NetworkInterfaces": [
{
"PrivateIpAddress": "172.31.35.42",
}
],
},
{
"path": ["Resources", "Instance", "Properties"],
},
[
ValidationError(
"'Primary' cannot be True when 'PrivateIpAddress' is specified",
validator=None,
rule=PrivateIpWithNetworkInterface(),
path=deque(["NetworkInterfaces", 0, "PrivateIpAddress"]),
schema_path=deque(
[
"then",
"properties",
"NetworkInterfaces",
"items",
"properties",
"PrivateIpAddress",
]
),
)
],
),
(
"Invalid with a private ip address",
{
Expand Down Expand Up @@ -108,12 +153,48 @@ def rule():
)
],
),
(
"Invalid AWS::EC2::NetworkInterface with PrivateIpAddresses",
{
"PrivateIpAddress": "172.31.35.42",
"PrivateIpAddresses": [
{"PrivateIpAddress": "172.31.35.42", "Primary": True}
],
},
{
"path": ["Resources", "Instance", "Properties"],
},
[
ValidationError(
"'Primary' cannot be True when 'PrivateIpAddress' is specified",
validator="enum",
rule=PrivateIpWithNetworkInterface(),
path=deque(["PrivateIpAddresses", 0, "Primary"]),
schema_path=deque(
[
"then",
"properties",
"PrivateIpAddresses",
"items",
"properties",
"Primary",
"enum",
]
),
)
],
),
],
indirect=["path"],
)
def test_validate(name, instance, expected, rule, validator):
errs = list(rule.validate(validator, "", instance, {}))

for err in errs:
print(err.validator)
print(err.path)
print(err.schema_path)

assert (
errs == expected
), f"Expected test {name!r} to have {expected!r} but got {errs!r}"

0 comments on commit 05be958

Please sign in to comment.