From 4fa5be320b80d3c6bc4f333bc44b60a8303c159d Mon Sep 17 00:00:00 2001 From: Micah Hausler Date: Fri, 22 Dec 2017 17:10:36 -0500 Subject: [PATCH] Fix AWS NLB delete error --- pkg/cloudprovider/providers/aws/aws.go | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/pkg/cloudprovider/providers/aws/aws.go b/pkg/cloudprovider/providers/aws/aws.go index 41a4a4b5041..bd28a18a600 100644 --- a/pkg/cloudprovider/providers/aws/aws.go +++ b/pkg/cloudprovider/providers/aws/aws.go @@ -3902,12 +3902,22 @@ func (c *Cloud) EnsureLoadBalancerDeleted(clusterName string, service *v1.Servic } } - if len(v4rangesToRemove) > 0 || len(v6rangesToRemove) > 0 { + // ipv4 and ipv6 removals cannot be included in the same permission + if len(v4rangesToRemove) > 0 { // create a new *IpPermission to not accidentally remove UserIdGroupPairs removedPermission := &ec2.IpPermission{ FromPort: matchingGroups[i].IpPermissions[j].FromPort, IpProtocol: matchingGroups[i].IpPermissions[j].IpProtocol, IpRanges: v4rangesToRemove, + ToPort: matchingGroups[i].IpPermissions[j].ToPort, + } + removes = append(removes, removedPermission) + } + if len(v6rangesToRemove) > 0 { + // create a new *IpPermission to not accidentally remove UserIdGroupPairs + removedPermission := &ec2.IpPermission{ + FromPort: matchingGroups[i].IpPermissions[j].FromPort, + IpProtocol: matchingGroups[i].IpPermissions[j].IpProtocol, Ipv6Ranges: v6rangesToRemove, ToPort: matchingGroups[i].IpPermissions[j].ToPort, }