Skip to content

Commit 8215389

Browse files
ChintanRavalrix0rrr
ChintanRaval
authored and
rix0rrr
committed
feat(aws-ec2): support UDP port ranges in SecurityGroups (#835)
Add support for UDP to ec2.SecurityGroupRule
1 parent 7e5738f commit 8215389

File tree

2 files changed

+92
-3
lines changed

2 files changed

+92
-3
lines changed

packages/@aws-cdk/aws-ec2/lib/security-group-rule.ts

Lines changed: 86 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -234,7 +234,92 @@ export class TcpAllPorts implements IPortRange {
234234
}
235235

236236
/**
237-
* All TCP Ports
237+
* A single UDP port
238+
*/
239+
export class UdpPort implements IPortRange {
240+
public readonly canInlineRule = true;
241+
242+
constructor(private readonly port: number) {
243+
}
244+
245+
public toRuleJSON(): any {
246+
return {
247+
ipProtocol: Protocol.Udp,
248+
fromPort: this.port,
249+
toPort: this.port
250+
};
251+
}
252+
253+
public toString() {
254+
return `UDP ${this.port}`;
255+
}
256+
}
257+
258+
/**
259+
* A single UDP port that is provided by a resource attribute
260+
*/
261+
export class UdpPortFromAttribute implements IPortRange {
262+
public readonly canInlineRule = false;
263+
264+
constructor(private readonly port: string) {
265+
}
266+
267+
public toRuleJSON(): any {
268+
return {
269+
ipProtocol: Protocol.Udp,
270+
fromPort: this.port,
271+
toPort: this.port
272+
};
273+
}
274+
275+
public toString() {
276+
return 'UDP {IndirectPort}';
277+
}
278+
}
279+
280+
/**
281+
* A UDP port range
282+
*/
283+
export class UdpPortRange implements IPortRange {
284+
public readonly canInlineRule = true;
285+
286+
constructor(private readonly startPort: number, private readonly endPort: number) {
287+
}
288+
289+
public toRuleJSON(): any {
290+
return {
291+
ipProtocol: Protocol.Udp,
292+
fromPort: this.startPort,
293+
toPort: this.endPort
294+
};
295+
}
296+
297+
public toString() {
298+
return `UDP ${this.startPort}-${this.endPort}`;
299+
}
300+
}
301+
302+
/**
303+
* All UDP Ports
304+
*/
305+
export class UdpAllPorts implements IPortRange {
306+
public readonly canInlineRule = true;
307+
308+
public toRuleJSON(): any {
309+
return {
310+
ipProtocol: Protocol.Udp,
311+
fromPort: 0,
312+
toPort: 65535
313+
};
314+
}
315+
316+
public toString() {
317+
return 'UDP ALL PORTS';
318+
}
319+
}
320+
321+
/**
322+
* All Traffic
238323
*/
239324
export class AllConnections implements IPortRange {
240325
public readonly canInlineRule = true;

packages/@aws-cdk/aws-ec2/test/test.connections.ts

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@ import { expect, haveResource } from '@aws-cdk/assert';
22
import { Stack } from '@aws-cdk/cdk';
33
import { Test } from 'nodeunit';
44
import { AllConnections, AnyIPv4, AnyIPv6, Connections, IConnectable, PrefixList, SecurityGroup, SecurityGroupRef,
5-
TcpAllPorts, TcpPort, TcpPortFromAttribute, TcpPortRange, VpcNetwork } from '../lib';
5+
TcpAllPorts, TcpPort, TcpPortFromAttribute, TcpPortRange, UdpAllPorts, UdpPort, UdpPortFromAttribute, UdpPortRange, VpcNetwork } from '../lib';
66

77
export = {
88
'peering between two security groups does not recursive infinitely'(test: Test) {
@@ -73,9 +73,13 @@ export = {
7373

7474
const ports = [
7575
new TcpPort(1234),
76-
new TcpPortFromAttribute("port!"),
76+
new TcpPortFromAttribute("tcp-test-port!"),
7777
new TcpAllPorts(),
7878
new TcpPortRange(80, 90),
79+
new UdpPort(2345),
80+
new UdpPortFromAttribute("udp-test-port!"),
81+
new UdpAllPorts(),
82+
new UdpPortRange(85, 95),
7983
new AllConnections()
8084
];
8185

0 commit comments

Comments
 (0)