Fix EC2 Subnet allowing ipv6 only (#3969)

Author: kddejong

scripts/update_schemas_manually.py

@@ -1645,14 +1645,21 @@
             patches=[
                 Patch(
                     values={
-                        "requiredXor": ["CidrBlock", "Ipv4IpamPoolId"],
+                        "requiredXor": [
+                            "CidrBlock",
+                            "Ipv4IpamPoolId",
+                            "Ipv6IpamPoolId",
+                            "Ipv6CidrBlock",
+                        ],
                         "dependentExcluded": {
                             "AvailabilityZone": ["AvailabilityZoneId"],
                             "AvailabilityZoneId": ["AvailabilityZone"],
                         },
                         "dependentRequired": {
                             "Ipv4IpamPoolId": ["Ipv4NetmaskLength"],
                             "Ipv4NetmaskLength": ["Ipv4IpamPoolId"],
+                            "Ipv6IpamPoolId": ["Ipv6NetmaskLength"],
+                            "Ipv6NetmaskLength": ["Ipv6IpamPoolId"],
                         },
                     },
                     path="/",

src/cfnlint/data/schemas/patches/extensions/all/aws_autoscaling_autoscalinggroup/manual.json

@@ -1,12 +1,12 @@
 [
  {
   "op": "add",
-  "path": "/properties/HealthCheckType/enum",
+  "path": "/requiredXor",
   "value": [
-   "EBS",
-   "EC2",
-   "ELB",
-   "VPC_LATTICE"
+   "InstanceId",
+   "LaunchConfigurationName",
+   "LaunchTemplate",
+   "MixedInstancesPolicy"
   ]
  },
  {
@@ -19,12 +19,12 @@
  },
  {
   "op": "add",
-  "path": "/requiredXor",
+  "path": "/properties/HealthCheckType/enum",
   "value": [
-   "InstanceId",
-   "LaunchConfigurationName",
-   "LaunchTemplate",
-   "MixedInstancesPolicy"
+   "EBS",
+   "EC2",
+   "ELB",
+   "VPC_LATTICE"
   ]
  }
 ]

src/cfnlint/data/schemas/patches/extensions/all/aws_cloudfront_distribution/manual.json

@@ -1,25 +1,4 @@
 [
- {
-  "op": "add",
-  "path": "/definitions/ViewerCertificate/requiredXor",
-  "value": [
-   "AcmCertificateArn",
-   "CloudFrontDefaultCertificate",
-   "IamCertificateId"
-  ]
- },
- {
-  "op": "add",
-  "path": "/definitions/Origin/dependentExcluded",
-  "value": {
-   "CustomOriginConfig": [
-    "S3OriginConfig"
-   ],
-   "S3OriginConfig": [
-    "CustomOriginConfig"
-   ]
-  }
- },
  {
   "op": "add",
   "path": "/definitions/CustomErrorResponse/dependentRequired",
@@ -29,18 +8,6 @@
    ]
   }
  },
- {
-  "op": "add",
-  "path": "/definitions/ViewerCertificate/dependentRequired",
-  "value": {
-   "AcmCertificateArn": [
-    "SslSupportMethod"
-   ],
-   "IamCertificateId": [
-    "SslSupportMethod"
-   ]
-  }
- },
  {
   "op": "add",
   "path": "/definitions/CustomErrorResponse/properties/ErrorCode/enum",
@@ -330,5 +297,38 @@
    "ZM",
    "ZW"
   ]
+ },
+ {
+  "op": "add",
+  "path": "/definitions/Origin/dependentExcluded",
+  "value": {
+   "CustomOriginConfig": [
+    "S3OriginConfig"
+   ],
+   "S3OriginConfig": [
+    "CustomOriginConfig"
+   ]
+  }
+ },
+ {
+  "op": "add",
+  "path": "/definitions/ViewerCertificate/requiredXor",
+  "value": [
+   "AcmCertificateArn",
+   "CloudFrontDefaultCertificate",
+   "IamCertificateId"
+  ]
+ },
+ {
+  "op": "add",
+  "path": "/definitions/ViewerCertificate/dependentRequired",
+  "value": {
+   "AcmCertificateArn": [
+    "SslSupportMethod"
+   ],
+   "IamCertificateId": [
+    "SslSupportMethod"
+   ]
+  }
  }
 ]

src/cfnlint/data/schemas/patches/extensions/all/aws_cloudwatch_alarm/manual.json

@@ -36,13 +36,8 @@
  },
  {
   "op": "add",
-  "path": "/properties/AlarmActions/items/maximum",
-  "value": 1024
- },
- {
-  "op": "add",
-  "path": "/properties/AlarmActions/items/minimum",
-  "value": 1
+  "path": "/definitions/MetricDataQuery/properties/Id/pattern",
+  "value": "^([a-z])([A-Za-z0-9\\_]*)$"
  },
  {
   "op": "add",
@@ -56,8 +51,13 @@
  },
  {
   "op": "add",
-  "path": "/definitions/MetricDataQuery/properties/Id/pattern",
-  "value": "^([a-z])([A-Za-z0-9\\_]*)$"
+  "path": "/properties/AlarmActions/items/maximum",
+  "value": 1024
+ },
+ {
+  "op": "add",
+  "path": "/properties/AlarmActions/items/minimum",
+  "value": 1
  },
  {
   "op": "add",

src/cfnlint/data/schemas/patches/extensions/all/aws_docdb_dbcluster/manual.json

@@ -1,14 +1,4 @@
 [
- {
-  "op": "add",
-  "path": "/properties/EngineVersion/enum",
-  "value": [
-   "3.6.0",
-   "4.0",
-   "4.0.0",
-   "5.0.0"
-  ]
- },
  {
   "op": "add",
   "path": "/properties/BackupRetentionPeriod/maximum",
@@ -18,5 +8,15 @@
   "op": "add",
   "path": "/properties/BackupRetentionPeriod/minimum",
   "value": 1
+ },
+ {
+  "op": "add",
+  "path": "/properties/EngineVersion/enum",
+  "value": [
+   "3.6.0",
+   "4.0",
+   "4.0.0",
+   "5.0.0"
+  ]
  }
 ]

src/cfnlint/data/schemas/patches/extensions/all/aws_dynamodb_table/manual.json

@@ -30,13 +30,6 @@
    }
   ]
  },
- {
-  "op": "add",
-  "path": "/definitions/SSESpecification/properties/SSEType/enum",
-  "value": [
-   "KMS"
-  ]
- },
  {
   "op": "add",
   "path": "/definitions/SSESpecification/dependentRequired",
@@ -45,5 +38,12 @@
     "SSEType"
    ]
   }
+ },
+ {
+  "op": "add",
+  "path": "/definitions/SSESpecification/properties/SSEType/enum",
+  "value": [
+   "KMS"
+  ]
  }
 ]

src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_instance/manual.json

@@ -1,4 +1,16 @@
 [
+ {
+  "op": "add",
+  "path": "/dependentExcluded",
+  "value": {
+   "NetworkInterfaces": [
+    "SubnetId"
+   ],
+   "SubnetId": [
+    "NetworkInterfaces"
+   ]
+  }
+ },
  {
   "op": "add",
   "path": "/definitions/BlockDeviceMapping/requiredXor",
@@ -13,18 +25,6 @@
   "path": "/definitions/BlockDeviceMapping/properties/VirtualName/pattern",
   "value": "^ephemeral([0-9]|[1][0-9]|[2][0-3])$"
  },
- {
-  "op": "add",
-  "path": "/dependentExcluded",
-  "value": {
-   "NetworkInterfaces": [
-    "SubnetId"
-   ],
-   "SubnetId": [
-    "NetworkInterfaces"
-   ]
-  }
- },
  {
   "op": "add",
   "path": "/definitions/NetworkInterface/dependentExcluded",

src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_securitygroup/manual.json

@@ -8,21 +8,6 @@
    ]
   }
  },
- {
-  "op": "add",
-  "path": "/properties/GroupDescription/maxLength",
-  "value": 255
- },
- {
-  "op": "add",
-  "path": "/properties/GroupDescription/minLength",
-  "value": 0
- },
- {
-  "op": "add",
-  "path": "/properties/GroupDescription/pattern",
-  "value": "^([a-z,A-Z,0-9,. _\\-:/()#,@[\\]+=&;\\{\\}!$*])*$"
- },
  {
   "op": "add",
   "path": "/definitions/Egress/requiredXor",
@@ -33,6 +18,16 @@
    "DestinationPrefixListId"
   ]
  },
+ {
+  "op": "add",
+  "path": "/definitions/Egress/properties/FromPort/minimum",
+  "value": -1
+ },
+ {
+  "op": "add",
+  "path": "/definitions/Egress/properties/ToPort/minimum",
+  "value": -1
+ },
  {
   "op": "add",
   "path": "/definitions/Ingress/requiredXor",
@@ -56,12 +51,17 @@
  },
  {
   "op": "add",
-  "path": "/definitions/Egress/properties/FromPort/minimum",
-  "value": -1
+  "path": "/properties/GroupDescription/maxLength",
+  "value": 255
  },
  {
   "op": "add",
-  "path": "/definitions/Egress/properties/ToPort/minimum",
-  "value": -1
+  "path": "/properties/GroupDescription/minLength",
+  "value": 0
+ },
+ {
+  "op": "add",
+  "path": "/properties/GroupDescription/pattern",
+  "value": "^([a-z,A-Z,0-9,. _\\-:/()#,@[\\]+=&;\\{\\}!$*])*$"
  }
 ]

src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_subnet/manual.json

@@ -4,7 +4,9 @@
   "path": "/requiredXor",
   "value": [
    "CidrBlock",
-   "Ipv4IpamPoolId"
+   "Ipv4IpamPoolId",
+   "Ipv6IpamPoolId",
+   "Ipv6CidrBlock"
   ]
  },
  {
@@ -28,6 +30,12 @@
    ],
    "Ipv4NetmaskLength": [
     "Ipv4IpamPoolId"
+   ],
+   "Ipv6IpamPoolId": [
+    "Ipv6NetmaskLength"
+   ],
+   "Ipv6NetmaskLength": [
+    "Ipv6IpamPoolId"
    ]
   }
  }

src/cfnlint/data/schemas/patches/extensions/all/aws_elasticache_replicationgroup/manual.json

@@ -1,22 +1,22 @@
 [
  {
   "op": "add",
-  "path": "/properties/ReplicasPerNodeGroup/maximum",
-  "value": 5
+  "path": "/properties/NumCacheClusters/maximum",
+  "value": 6
  },
  {
   "op": "add",
-  "path": "/properties/ReplicasPerNodeGroup/minimum",
-  "value": 0
+  "path": "/properties/NumCacheClusters/minimum",
+  "value": 1
  },
  {
   "op": "add",
-  "path": "/properties/NumCacheClusters/maximum",
-  "value": 6
+  "path": "/properties/ReplicasPerNodeGroup/maximum",
+  "value": 5
  },
  {
   "op": "add",
-  "path": "/properties/NumCacheClusters/minimum",
-  "value": 1
+  "path": "/properties/ReplicasPerNodeGroup/minimum",
+  "value": 0
  }
 ]