From 940e2402811cf42d6480cfbddc93fc9623d5b6db Mon Sep 17 00:00:00 2001 From: Jonathan Goldwasser Date: Fri, 4 Jun 2021 18:10:50 +0200 Subject: [PATCH] chore(ec2): remove egress rule warning when using allowFrom() (#14677) No need to warn the user if the `addEgressRule()` call came from a `allowTo()` or ` allowFrom()` call because he can't do anything about it. Closes #13523 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-ec2/lib/security-group.ts | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-ec2/lib/security-group.ts b/packages/@aws-cdk/aws-ec2/lib/security-group.ts index c56a6b9dd34d1..90613e3904475 100644 --- a/packages/@aws-cdk/aws-ec2/lib/security-group.ts +++ b/packages/@aws-cdk/aws-ec2/lib/security-group.ts @@ -463,7 +463,9 @@ export class SecurityGroup extends SecurityGroupBase { // In the case of "allowAllOutbound", we don't add any more rules. There // is only one rule which allows all traffic and that subsumes any other // rule. - Annotations.of(this).addWarning('Ignoring Egress rule since \'allowAllOutbound\' is set to true; To add customize rules, set allowAllOutbound=false on the SecurityGroup'); + if (!remoteRule) { // Warn only if addEgressRule() was explicitely called + Annotations.of(this).addWarning('Ignoring Egress rule since \'allowAllOutbound\' is set to true; To add customize rules, set allowAllOutbound=false on the SecurityGroup'); + } return; } else { // Otherwise, if the bogus rule exists we can now remove it because the