np-guard / vpc-network-config-analyzer

A tool for analyzing the configured network connectivity of VPCs as specified by various VPC resources
Apache License 2.0

explainability - cases in which only partial info is provided #655

Open ShiriMoran opened 3 months ago

ShiriMoran commented 3 months ago

There are two cases in explainability in which only partial information is provided. These are cases of no connection in which only the reason of "no-connection" is provided. These are the cases:

  1. Missing router to external address; the reason only partial info is provided here is that without the router it is not known whether NACL tables are relevant, and so we do not know what the relevant information is.
  2. Endpoints in two different VPCs with no transit gateway between them. The issue here is development oriented: our code is VPCConfig oriented, and due to the lack of the transit gateway there is no VPCConfig that contains the relevant endpoints.

ShiriMoran commented 1 month ago

Item 1 - the reason is not valid #751 - thus once we fix #762 this can be fixed as well