fix(ec2): Security Groups support all protocols (aws#13593)

Satisfies aws#13497 to close aws#13403

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Author: hollanddd

packages/@aws-cdk/aws-ec2/lib/port.ts

@@ -2,17 +2,158 @@ import { Token } from '@aws-cdk/core';
 
 /**
  * Protocol for use in Connection Rules
+ *
+ * https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
  */
 export enum Protocol {
   ALL = '-1',
+  HOPOPT = '0',
+  ICMP = 'icmp',
+  IGMP = '2',
+  GGP = '3',
+  IPV4 = '4',
+  ST = '5',
   TCP = 'tcp',
+  CBT = '7',
+  EGP = '8',
+  IGP = '9',
+  BBN_RCC_MON = '10',
+  NVP_II = '11',
+  PUP = '12',
+  EMCON = '14',
+  XNET = '15',
+  CHAOS = '16',
   UDP = 'udp',
-  ICMP = 'icmp',
-  ICMPV6 = '58',
-  ESP = 'esp',
-  AH = 'ah',
+  MUX = '18',
+  DCN_MEAS = '19',
+  HMP = '20',
+  PRM = '21',
+  XNS_IDP = '22',
+  TRUNK_1 = '23',
+  TRUNK_2 = '24',
+  LEAF_1 = '25',
+  LEAF_2 = '26',
+  RDP = '27',
+  IRTP = '28',
+  ISO_TP4 = '29',
+  NETBLT = '30',
+  MFE_NSP = '31',
+  MERIT_INP = '32',
+  DCCP = '33',
+  THREEPC = '34',
+  IDPR = '35',
+  XTP = '36',
+  DDP = '37',
+  IDPR_CMTP = '38',
+  TPPLUSPLUS = '39',
+  IL = '40',
+  IPV6 = '41',
+  SDRP = '42',
+  IPV6_ROUTE = '43',
+  IPV6_FRAG = '44',
+  IDRP = '45',
+  RSVP = '46',
+  GRE = '47',
+  DSR = '48',
+  BNA = '49',
+  ESP = '50',
+  AH = '51',
+  I_NLSP = '52',
+  SWIPE = '53',
+  NARP = '54',
+  MOBILE = '55',
+  TLSP = '56',
+  SKIP = '57',
+  ICMPV6 = 'icmpv6',
+  IPV6_NONXT = '59',
+  IPV6_OPTS = '60',
+  CFTP = '62',
+  ANY_LOCAL = '63',
+  SAT_EXPAK = '64',
+  KRYPTOLAN = '65',
+  RVD = '66',
+  IPPC = '67',
+  ANY_DFS = '68',
+  SAT_MON = '69',
+  VISA = '70',
+  IPCV = '71',
+  CPNX = '72',
+  CPHB = '73',
+  WSN = '74',
+  PVP = '75',
+  BR_SAT_MON = '76',
+  SUN_ND = '77',
+  WB_MON = '78',
+  WB_EXPAK = '79',
+  ISO_IP = '80',
+  VMTP = '81',
+  SECURE_VMTP = '82',
+  VINES = '83',
+  TTP = '84',
+  IPTM = '84',
+  NSFNET_IGP = '85',
+  DGP = '86',
+  TCF = '87',
+  EIGRP = '88',
+  OSPFIGP = '89',
+  SPRITE_RPC = '90',
+  LARP = '91',
+  MTP = '92',
+  AX_25 = '93',
+  IPIP = '94',
+  MICP = '95',
+  SCC_SP = '96',
+  ETHERIP = '97',
+  ENCAP = '98',
+  ANY_ENC = '99',
+  GMTP = '100',
+  IFMP = '101',
+  PNNI = '102',
+  PIM = '103',
+  ARIS = '104',
+  SCPS = '105',
+  QNX = '106',
+  A_N = '107',
+  IPCOMP = '108',
+  SNP = '109',
+  COMPAQ_PEER = '110',
+  IPX_IN_IP = '111',
+  VRRP = '112',
+  PGM = '113',
+  ANY_0_HOP = '114',
+  L2_T_P = '115',
+  DDX = '116',
+  IATP = '117',
+  STP = '118',
+  SRP = '119',
+  UTI = '120',
+  SMP = '121',
+  SM = '122',
+  PTP = '123',
+  ISIS_IPV4 = '124',
+  FIRE = '125',
+  CRTP = '126',
+  CRUDP = '127',
+  SSCOPMCE = '128',
+  IPLT = '129',
+  SPS = '130',
+  PIPE = '131',
+  SCTP = '132',
+  FC = '133',
+  RSVP_E2E_IGNORE = '134',
+  MOBILITY_HEADER = '135',
+  UDPLITE = '136',
+  MPLS_IN_IP = '137',
+  MANET = '138',
+  HIP = '139',
+  SHIM6 = '140',
+  WESP = '141',
+  ROHC = '142',
+  ETHERNET = '143',
+  EXPERIMENT_1 = '253',
+  EXPERIMENT_2 = '254',
+  RESERVED = '255',
 }
-
 /**
  * Properties to create a port range
  */

packages/@aws-cdk/aws-ec2/package.json

@@ -314,13 +314,153 @@
       "docs-public-apis:@aws-cdk/aws-ec2.AmazonLinuxStorage",
       "docs-public-apis:@aws-cdk/aws-ec2.OperatingSystemType.LINUX",
       "docs-public-apis:@aws-cdk/aws-ec2.OperatingSystemType.WINDOWS",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.AH",
       "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ALL",
-      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.TCP",
-      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.UDP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ANY_0_HOP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ANY_DFS",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ANY_ENC",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ANY_LOCAL",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ARIS",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.AX_25",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.A_N",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.BBN_RCC_MON",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.BNA",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.BR_SAT_MON",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.CBT",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.CFTP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.CHAOS",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.COMPAQ_PEER",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.CPHB",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.CPNX",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.CRTP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.CRUDP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.DCCP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.DCN_MEAS",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.DDP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.DDX",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.DGP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.DSR",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.EGP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.EIGRP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.EMCON",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ENCAP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ESP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ETHERIP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ETHERNET",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.EXPERIMENT_1",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.EXPERIMENT_2",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.FC",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.FIRE",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.GGP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.GMTP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.GRE",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.HIP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.HMP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.HOPOPT",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IATP",
       "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ICMP",
       "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ICMPV6",
-      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ESP",
-      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.AH",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IDPR",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IDPR_CMTP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IDRP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IFMP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IGMP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IGP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IL",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IPCOMP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IPCV",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IPIP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IPLT",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IPPC",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IPTM",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IPV4",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IPV6",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IPV6_FRAG",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IPV6_NONXT",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IPV6_OPTS",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IPV6_ROUTE",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IPX_IN_IP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.IRTP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ISIS_IPV4",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ISO_IP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ISO_TP4",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.I_NLSP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.KRYPTOLAN",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.L2_T_P",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.LARP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.LEAF_1",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.LEAF_2",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.MANET",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.MERIT_INP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.MFE_NSP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.MICP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.MOBILE",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.MOBILITY_HEADER",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.MPLS_IN_IP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.MTP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.MUX",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.NARP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.NETBLT",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.NSFNET_IGP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.NVP_II",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.OSPFIGP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.PGM",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.PIM",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.PIPE",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.PNNI",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.PRM",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.PTP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.PUP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.PVP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.QNX",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.RDP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.RESERVED",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ROHC",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.RSVP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.RSVP_E2E_IGNORE",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.RVD",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SAT_EXPAK",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SAT_MON",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SCC_SP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SCPS",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SCTP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SDRP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SECURE_VMTP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SHIM6",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SKIP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SM",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SMP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SNP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SPRITE_RPC",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SPS",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SRP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SSCOPMCE",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.ST",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.STP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SUN_ND",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.SWIPE",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.TCF",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.TCP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.THREEPC",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.TLSP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.TPPLUSPLUS",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.TRUNK_1",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.TRUNK_2",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.TTP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.UDP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.UDPLITE",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.UTI",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.VINES",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.VISA",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.VMTP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.VRRP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.WB_EXPAK",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.WB_MON",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.WESP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.WSN",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.XNET",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.XNS_IDP",
+      "docs-public-apis:@aws-cdk/aws-ec2.Protocol.XTP",
       "docs-public-apis:@aws-cdk/aws-ec2.WindowsVersion.WINDOWS_SERVER_2008_SP2_ENGLISH_64BIT_SQL_2008_SP4_EXPRESS",
       "docs-public-apis:@aws-cdk/aws-ec2.WindowsVersion.WINDOWS_SERVER_2012_R2_RTM_CHINESE_SIMPLIFIED_64BIT_BASE",
       "docs-public-apis:@aws-cdk/aws-ec2.WindowsVersion.WINDOWS_SERVER_2012_R2_RTM_CHINESE_TRADITIONAL_64BIT_BASE",

packages/@aws-cdk/aws-ec2/test/integ.vpc.expected.json

@@ -567,20 +567,6 @@
             "FromPort": 800,
             "IpProtocol": "udp",
             "ToPort": 801
-          },
-          {
-            "CidrIp": "0.0.0.0/0",
-            "Description": "from 0.0.0.0/0:ESP 50",
-            "FromPort": 50,
-            "IpProtocol": "esp",
-            "ToPort": 50
-          },
-          {
-            "CidrIp": "0.0.0.0/0",
-            "Description": "from 0.0.0.0/0:AH 51",
-            "FromPort": 51,
-            "IpProtocol": "ah",
-            "ToPort": 51
           }
         ],
         "VpcId": {

packages/@aws-cdk/aws-ec2/test/integ.vpc.ts

@@ -16,8 +16,6 @@ const rules = [
   ec2.Port.allUdp(),
   ec2.Port.udp(123),
   ec2.Port.udpRange(800, 801),
-  ec2.Port.esp(),
-  ec2.Port.ah(),
 ];
 
 for (const rule of rules) {