Got the following error when creating a security group ingress rule with the esp protocol using AWS CloudFormation: `Invalid value ‘esp’ for IP protocol. Unknown protocol.`

AWS CloudFormation does not support the protocol name `esp`, but it does support protocol numbers [1], and the esp protocol number is 50 [2].

Replace `IpProtocol: esp` with `IpProtocol: 50` in the following lines:

https://github.com/openshift/installer/blob/master/upi/aws/cloudformation/03_cluster_security.yaml#L163
https://github.com/openshift/installer/blob/master/upi/aws/cloudformation/03_cluster_security.yaml#L191
https://github.com/openshift/installer/blob/master/upi/aws/cloudformation/03_cluster_security.yaml#L359
https://github.com/openshift/installer/blob/master/upi/aws/cloudformation/03_cluster_security.yaml#L387

[1] [AWS::EC2::SecurityGroupIngress - AWS CloudFormation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html#cfn-ec2-security-group-ingress-ipprotocol)
[2] [Protocol Numbers](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)
This was introduced in the fix for https://bugzilla.redhat.com/show_bug.cgi?id=1916373. Assigning to Mark.
Hi, did this fail the installation or did the installation proceed?
(In reply to Mark Gray from comment #2)
> Hi, did this fail the installation or did the installation proceed?

The CloudFormation stack cannot be created successfully due to the error `Invalid value ‘esp’ for IP protocol. Unknown protocol.` It blocks the installation process.
Verified. PASS. OCP version: 4.7.0-0.nightly-2021-01-21-090809
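
A pre-deployment check for the problem reported in this bug, as an added example that is not part of the original thread or of the installer's code: it flags `IpProtocol` values that are neither one of the names listed in the AWS documentation [1] (tcp, udp, icmp, icmpv6) nor a number, and suggests the IANA number [2] where known. The function name, the sample template and its resource names are constructed for illustration.

```python
import re

# Protocol names listed for IpProtocol in the AWS doc cited as [1]; any other
# protocol must be given as an IANA number, or -1 for all protocols.
# Matching names case-insensitively is an assumption of this example.
ACCEPTED_NAMES = {"tcp", "udp", "icmp", "icmpv6"}
# Small subset of the IANA registry cited as [2], used only to suggest a fix.
IANA_NUMBERS = {"gre": 47, "esp": 50, "ah": 51, "sctp": 132}

IP_PROTOCOL_RE = re.compile(r"""^\s*-?\s*IpProtocol:\s*["']?([^"'#\s]+)["']?""")

# Constructed sample template (not copied from 03_cluster_security.yaml).
SAMPLE_TEMPLATE = """\
Resources:
  ExampleIngressEsp:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: !GetAtt ExampleSecurityGroup.GroupId
      SourceSecurityGroupId: !GetAtt ExampleSecurityGroup.GroupId
      IpProtocol: esp
  ExampleIngressEspFixed:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: !GetAtt ExampleSecurityGroup.GroupId
      SourceSecurityGroupId: !GetAtt ExampleSecurityGroup.GroupId
      IpProtocol: 50
"""

def lint_ip_protocols(template_text):
    """Return (line_no, value, suggested_number) for each rejected IpProtocol."""
    findings = []
    for line_no, line in enumerate(template_text.splitlines(), start=1):
        match = IP_PROTOCOL_RE.match(line)
        if not match:
            continue
        value = match.group(1)
        if value.startswith("!"):
            continue  # intrinsic function (!Ref, !Sub): not resolvable statically
        if value == "-1" or value.lower() in ACCEPTED_NAMES:
            continue
        if value.isdigit() and int(value) <= 255:
            continue  # numeric protocol, e.g. 50 for ESP
        findings.append((line_no, value, IANA_NUMBERS.get(value.lower())))
    return findings

if __name__ == "__main__":
    for line_no, value, number in lint_ip_protocols(SAMPLE_TEMPLATE):
        hint = f"use IpProtocol: {number}" if number is not None else "use the IANA number"
        print(f"line {line_no}: IpProtocol '{value}' is not an accepted name; {hint}")
```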