From 68cddb28ea3d6d12aa4f51a4841113c70ceabc4f Mon Sep 17 00:00:00 2001
From: Jesse Millan <jesse.millan@oracle.com>
Date: Fri, 23 Jul 2021 17:26:43 -0700
Subject: [PATCH] Ensure NAT-GW IP is in CIDR format for sec-list. (#43)

---
 oke/oke_manager_client.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/oke/oke_manager_client.go b/oke/oke_manager_client.go
index ff14540..ae08ff3 100644
--- a/oke/oke_manager_client.go
+++ b/oke/oke_manager_client.go
@@ -1464,9 +1464,10 @@ func (mgr *ClusterManagerClient) CreateVCNAndNetworkResources(state *State) (str
 				Source:   common.String(vcnCIDRBlock),
 			})
 			// Allow internal traffic from NAT gateway to the bastion by default
+			natCIDR := *ngResp.NatIp + "/32"
 			bastionSecList.IngressSecurityRules = append(bastionSecList.IngressSecurityRules, core.IngressSecurityRule{
 				Protocol: common.String("all"),
-				Source:   ngResp.NatIp,
+				Source:   &natCIDR,
 			})
 
 			// Allow outgoing traffic to VCN from the bastion by default