-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
(aws-ec2): restrictDefaultSecurityGroup does not remove IPv6 egress rule #29709
Comments
Regardless of the Lines 27 to 37 in fff9cf6
|
I have also observed this.
I think that routine needs to do 2 things:
In the second case there, if it's not dual stack, then it should not add |
Describe the bug
Setting restrictDefaultSecurityGroup to true for a dual-stack VPC will not remove the IPv6 egress rule.
Expected Behavior
For a dual-stack VPC with restrictDefaultSecurityGroup set to true, all (IPv4 and IPv6) ingress and egress rules should be removed.
Current Behavior
For a dual-stack VPC with restrictDefaultSecurityGroup set to true, only IPv4 ingress and egress rules are removed.
Reproduction Steps
Possible Solution
No response
Additional Information/Context
No response
CDK CLI Version
2.135.0 (build d46c474)
Framework Version
No response
Node.js Version
v20.12.0
OS
macOS Sonoma 14.4.1 (23E224)
Language
TypeScript
Language Version
TypeScript (5.4.3)
Other information
No response
The text was updated successfully, but these errors were encountered: