np-guard / vpc-network-config-analyzer

A tool for analyzing the configured network connectivity of VPCs as specified by various VPC resources
Apache License 2.0

group explainability #674

Open haim-kermany opened 2 weeks ago

haim-kermany commented 2 weeks ago

When explaining a nodeSet, or just a CIDR, the explanation is per node, with a lot of repeating information. For example, load balancer pIPs will all be blocked by the same load balancer rule. Need to revisit.

See:
https://github.com/np-guard/vpc-network-config-analyzer/pull/671#discussion_r1663966438
https://github.com/np-guard/vpc-network-config-analyzer/pull/671#discussion_r1665516830

@ShiriMoran FYI

adisos commented 2 weeks ago

Since the "LB rule" (enabled connection from LB to its pool members only) is always at the level of the LB itself (of all private IPs), maybe it should be presented in the explainability output before the split (and duplication) into all the nodes' (private IPs) explanations?

haim-kermany commented 2 weeks ago

All nodesets can suffer from the case of "one rule controls them all". For example, two nodesets of size 4 which are not in the same VPC will get the exact same explanation 16 times.
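The grouping discussed in this thread, as an added sketch that is not code from vpc-network-config-analyzer: per-pair explanations are keyed by their rendered text, so the 16 identical results from two 4-node sets are reported once. The types `PairExplanation` and `Group`, the function names, the node names and the explanation string are all hypothetical.

```go
package main

import "fmt"

// PairExplanation is a hypothetical per-pair result, not the project's own type.
type PairExplanation struct {
	Src, Dst, Text string // Text is the rendered explanation for Src -> Dst
}

// Group is one explanation shared by every pair listed in Pairs.
type Group struct {
	Text  string
	Pairs []string
}

// GroupExplanations merges pairs whose explanation text is identical, keeping
// the order in which each distinct explanation first appears.
func GroupExplanations(in []PairExplanation) []Group {
	index := map[string]int{}
	var out []Group
	for _, e := range in {
		i, seen := index[e.Text]
		if !seen {
			i = len(out)
			index[e.Text] = i
			out = append(out, Group{Text: e.Text})
		}
		out[i].Pairs = append(out[i].Pairs, e.Src+" -> "+e.Dst)
	}
	return out
}

// Sample is constructed input: two node sets of four nodes in different VPCs.
func Sample() []PairExplanation {
	var in []PairExplanation
	for s := 1; s <= 4; s++ {
		for d := 1; d <= 4; d++ {
			in = append(in, PairExplanation{fmt.Sprintf("vpc1-node%d", s),
				fmt.Sprintf("vpc2-node%d", d), "blocked: nodes are not in the same VPC"})
		}
	}
	return in
}

func main() {
	for _, g := range GroupExplanations(Sample()) {
		fmt.Printf("%s (%d pairs)\n  %v\n", g.Text, len(g.Pairs), g.Pairs)
	}
}
```

Grouping on the rendered text only collapses pairs whose explanations are byte-for-byte equal; an explanation that embeds the node name would need that name factored out before grouping.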