feat(sg): add more status atProvider for missing fields

Signed-off-by: Christopher Haar <[email protected]>
haarchri · Jun 3, 2024 · afa755a · afa755a
1 parent 6966f8d
commit afa755a
Show file tree

Hide file tree

Showing 3 changed files with 110 additions and 8 deletions.
diff --git a/apis/ec2/v1beta1/securitygroup_types.go b/apis/ec2/v1beta1/securitygroup_types.go
@@ -273,6 +273,41 @@ type SecurityGroupRuleObservation struct {
 
 	// Description of this rule.
 	Description *string `json:"description,omitempty"`
+
+	// The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type. A
+	// value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6
+	// types, you must specify all codes.
+	FromPort *int32 `json:"fromPort,omitempty"`
+
+	// The ID of the prefix list.
+	PrefixListId *string `json:"prefixListId,omitempty"`
+
+	// Describes the security group that is referenced in the rule.
+	ReferencedGroupInfo *ReferencedSecurityGroup `json:"referencedGroupInfo,omitempty"`
+
+	// The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A
+	// value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6
+	// types, you must specify all codes.
+	ToPort *int32 `json:"toPort,omitempty"`
+}
+
+// A ReferencedSecurityGroup describes the security group that is referenced in the security group rule.
+type ReferencedSecurityGroup struct {
+
+	// The ID of the security group.
+	GroupId *string `json:"groupId,omitempty"`
+
+	// The status of a VPC peering connection, if applicable.
+	PeeringStatus *string `json:"peeringStatus,omitempty"`
+
+	// The Amazon Web Services account ID.
+	UserId *string `json:"userId,omitempty"`
+
+	// The ID of the VPC.
+	VpcId *string `json:"vpcId,omitempty"`
+
+	// The ID of the VPC peering connection.
+	VpcPeeringConnectionId *string `json:"vpcPeeringConnectionId,omitempty"`
 }
 
 // A SecurityGroupStatus represents the observed state of a SecurityGroup.

diff --git a/pkg/clients/ec2/securitygroup.go b/pkg/clients/ec2/securitygroup.go
@@ -106,10 +106,23 @@ func GenerateSGObservation(sg ec2types.SecurityGroup, rules []ec2types.SecurityG
 
 	for _, r := range rules {
 		observedRule := v1beta1.SecurityGroupRuleObservation{
-			ID:         r.SecurityGroupRuleId,
-			CidrIpv4:   r.CidrIpv4,
-			CidrIpv6:   r.CidrIpv6,
-			IpProtocol: r.IpProtocol,
+			ID:           r.SecurityGroupRuleId,
+			CidrIpv4:     r.CidrIpv4,
+			CidrIpv6:     r.CidrIpv6,
+			IpProtocol:   r.IpProtocol,
+			Description:  r.Description,
+			FromPort:     r.FromPort,
+			ToPort:       r.ToPort,
+			PrefixListId: r.PrefixListId,
+		}
+		if r.ReferencedGroupInfo != nil {
+			observedRule.ReferencedGroupInfo = &v1beta1.ReferencedSecurityGroup{
+				GroupId:                r.ReferencedGroupInfo.GroupId,
+				PeeringStatus:          r.ReferencedGroupInfo.PeeringStatus,
+				UserId:                 r.ReferencedGroupInfo.UserId,
+				VpcId:                  r.ReferencedGroupInfo.VpcId,
+				VpcPeeringConnectionId: r.ReferencedGroupInfo.VpcPeeringConnectionId,
+			}
 		}
 		if ptr.Deref(r.IsEgress, false) {
 			egressRules = append(egressRules, observedRule)

diff --git a/pkg/clients/ec2/securitygroup_test.go b/pkg/clients/ec2/securitygroup_test.go
@@ -157,21 +157,75 @@ func TestGenerateSGObservation(t *testing.T) {
 						IpProtocol:  ptr.To("tcp"),
 						IsEgress:    ptr.To(false),
 					},
+					{
+						CidrIpv4:    ptr.To("10.0.0.0/16"),
+						Description: ptr.To("ingress rule"),
+						FromPort:    aws.Int32(int32(8080)),
+						ToPort:      aws.Int32(int32(8443)),
+						GroupId:     ptr.To("efgh"),
+						IpProtocol:  ptr.To("tcp"),
+						IsEgress:    ptr.To(false),
+					},
+					{
+						ReferencedGroupInfo: &ec2types.ReferencedSecurityGroup{
+							GroupId: ptr.To("groupId"),
+						},
+						Description: ptr.To("ingress rule sg"),
+						FromPort:    aws.Int32(int32(8080)),
+						ToPort:      aws.Int32(int32(8443)),
+						GroupId:     ptr.To("efgh"),
+						IpProtocol:  ptr.To("tcp"),
+						IsEgress:    ptr.To(false),
+					},
+					{
+						PrefixListId: ptr.To("pl-12345676"),
+						Description:  ptr.To("ingress rule pl"),
+						FromPort:     aws.Int32(int32(8080)),
+						ToPort:       aws.Int32(int32(8443)),
+						GroupId:      ptr.To("efgh"),
+						IpProtocol:   ptr.To("tcp"),
+						IsEgress:     ptr.To(false),
+					},
 				},
 			},
 			out: v1beta1.SecurityGroupObservation{
 				OwnerID:         sgOwner,
 				SecurityGroupID: sgID,
 				EgressRules: []v1beta1.SecurityGroupRuleObservation{
 					{
-						CidrIpv4:   ptr.To("10.0.0.16/32"),
-						IpProtocol: ptr.To("tcp"),
+						CidrIpv4:    ptr.To("10.0.0.16/32"),
+						IpProtocol:  ptr.To("tcp"),
+						Description: ptr.To("egress rule"),
 					},
 				},
 				IngressRules: []v1beta1.SecurityGroupRuleObservation{
 					{
-						CidrIpv4:   ptr.To("10.0.100.16/16"),
-						IpProtocol: ptr.To("tcp"),
+						CidrIpv4:    ptr.To("10.0.100.16/16"),
+						IpProtocol:  ptr.To("tcp"),
+						Description: ptr.To("ingress rule"),
+					},
+					{
+						CidrIpv4:    ptr.To("10.0.0.0/16"),
+						IpProtocol:  ptr.To("tcp"),
+						Description: ptr.To("ingress rule"),
+						FromPort:    aws.Int32(int32(8080)),
+						ToPort:      aws.Int32(int32(8443)),
+					},
+					{
+						IpProtocol:  ptr.To("tcp"),
+						Description: ptr.To("ingress rule sg"),
+						FromPort:    aws.Int32(int32(8080)),
+						ToPort:      aws.Int32(int32(8443)),
+						ReferencedGroupInfo: &v1beta1.ReferencedSecurityGroup{
+							GroupId: ptr.To("groupId"),
+						},
+					},
+					{
+						PrefixListId: ptr.To("pl-12345676"),
+						IpProtocol:   ptr.To("tcp"),
+						Description:  ptr.To("ingress rule pl"),
+						FromPort:     aws.Int32(int32(8080)),
+						ToPort:       aws.Int32(int32(8443)),
 					},
 				},
 			},