fix: add ec2>security_group inbound_rule PrefixListIds field

Author: jinyoungmoonDEV

src/plugin/manager/ec2/security_group_manager.py

@@ -70,12 +70,12 @@ def create_cloud_service(self, region, options, secret_data, schema):
                                 )
                             )
 
-                        for _user_group_pairs in in_rule.get("UserIdGroupPairs", []):
+                        for _user_group_pair in in_rule.get("UserIdGroupPairs", []):
                             in_rule_copy = copy.deepcopy(in_rule)
                             inbound_rules.append(
                                 self.custom_security_group_inbound_rule_info(
                                     in_rule_copy,
-                                    _user_group_pairs,
+                                    _user_group_pair,
                                     "user_id_group_pairs",
                                     vulnerable_ports,
                                 )
@@ -126,6 +126,14 @@ def create_cloud_service(self, region, options, secret_data, schema):
                                 )
                             )
 
+                        for prefix_list_id in out_rule.get("PrefixListIds", []):
+                            out_rule_copy = copy.deepcopy(out_rule)
+                            outbound_rules.append(
+                                self.custom_security_group_rule_info(
+                                    out_rule_copy, prefix_list_id, "prefix_list_ids"
+                                )
+                            )
+
                     match_instances = self.get_security_group_map_instances(
                         raw, instances
                     )

src/plugin/manager/ec2_server/security_group_manager.py

@@ -41,6 +41,12 @@ def get_security_group_info(self, security_group_ids, security_groups):
                 for group_pair in inbound_rule.get("UserIdGroupPairs", []):
                     sg_data.update(self.set_group_pairs_data(group_pair))
                     sg.append(sg_data)
+                for _ip_v6_range in inbound_rule.get("Ipv6Ranges", []):
+                    sg_data.update(self.set_group_pairs_data(_ip_v6_range))
+                    sg.append(sg_data)
+                for prefix_list_id in inbound_rule.get("PrefixListIds", []):
+                    sg_data.update(self.set_group_pairs_data(prefix_list_id))
+                    sg.append(sg_data)
 
             # OUTBOUND
             for outbound_rules in match_sg.get("IpPermissionsEgress", []):
@@ -51,6 +57,12 @@ def get_security_group_info(self, security_group_ids, security_groups):
                 for group_pair in outbound_rules.get("UserIdGroupPairs", []):
                     sg_data.update(self.set_group_pairs_data(group_pair))
                     sg.append(sg_data)
+                for _ip_v6_range in outbound_rules.get("Ipv6Ranges", []):
+                    sg_data.update(self.set_group_pairs_data(_ip_v6_range))
+                    sg.append(sg_data)
+                for prefix_list_id in outbound_rules.get("PrefixListIds", []):
+                    sg_data.update(self.set_group_pairs_data(prefix_list_id))
+                    sg.append(sg_data)
         return sg
 
     def set_sg_base_data(self, sg, direction, rule):