Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nexus API should limit the number of firewall rules #5662

Open
bnaecker opened this issue Apr 29, 2024 · 2 comments
Open

Nexus API should limit the number of firewall rules #5662

bnaecker opened this issue Apr 29, 2024 · 2 comments
Labels
api Related to the API. nexus Related to nexus

Comments

@bnaecker
Copy link
Collaborator

There does not appear to be a limit on the number of firewall rules that a user can express in an API call to Nexus. We should probably add one to avoid huge requests or blowing up OPTE itself with a massive number of rules to match.
@bnaecker bnaecker added api Related to the API. nexus Related to nexus labels Apr 29, 2024
@david-crespo
Copy link
Contributor

david-crespo commented Apr 29, 2024
edited

Will need to test it, but this compiles and the OpenAPI schema generates fine. It might be as easy as this.

#[derive(Clone, Debug, Deserialize, Serialize, JsonSchema)]
pub struct VpcFirewallRuleUpdateParams {
    #[schemars(length(max = 32))]
    pub rules: Vec<VpcFirewallRuleUpdate>,
}

@bnaecker
Copy link
Collaborator Author

That would be great! I think we might need to add some constraints on the VpcFirewallRuleFilter inside these as well, but I'm not sure how to combine those.

@david-crespo david-crespo mentioned this issue May 9, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
api Related to the API. nexus Related to nexus
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bnaecker @david-crespo