Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Only first security group used to check for ingress rules #341

Open
donny-dont opened this issue Aug 21, 2023 · 0 comments
Open

Only first security group used to check for ingress rules #341

donny-dont opened this issue Aug 21, 2023 · 0 comments

Comments

@donny-dont
Copy link
Contributor

If multiple security groups are being assigned to the instance and the first security group does not have ingress rules the instance will fail with the following error.

provision: failed to create instance: security group XXXXXX does not have the correct ingress rules. There is no rule for port 9079

The code in amazon/driver.go only checks the first security group.

	// check the security group ingress rules
	rulesErr := checkIngressRules(ctx, client, p.groups[0])
	if rulesErr != nil {
		return nil, rulesErr
	}

It looks like this should work if the function checkIngressRules took multiple group identifiers

func checkIngressRules(ctx context.Context, client *ec2.EC2, groupID string) error {
	input := &ec2.DescribeSecurityGroupsInput{
		GroupIds: []*string{aws.String(groupID)},
	}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@donny-dont