Merge branch 'fix_secgroups'

* fix_secgroups: (maint) Improve security_group create error msg Filter on vpc-id for sec groups in EC2-VPC closes #116
puppetlabs-toy-chest · Mar 18, 2015 · 722ccfa · 722ccfa
2 parents 074c0cc + cc16d40
commit 722ccfa
Showing 1 changed file with 10 additions and 5 deletions.
diff --git a/lib/puppet/provider/ec2_securitygroup/v2.rb b/lib/puppet/provider/ec2_securitygroup/v2.rb
@@ -131,12 +131,17 @@ def authorize_ingress(new_rules, existing_rules=[])
     to_create.reject(&:nil?).each do |rule|
       if rule.key? 'security_group'
         source_group_name = rule['security_group']
-        group_response = ec2.describe_security_groups(filters: [
-          {name: 'group-name', values: [source_group_name]},
-        ])
-        fail("No groups found called #{source_group_name}") if group_response.data.security_groups.count == 0
+        filters = [ {name: 'group-name', values: [source_group_name]} ]
+        if vpc_only_account?
+          response = ec2.describe_security_groups(group_ids: [@property_hash[:id]])
+          vpc_id = response.data.security_groups.first.vpc_id
+          filters.push( {name: 'vpc-id', values: [vpc_id]} )
+        end
+        group_response = ec2.describe_security_groups(filters: filters)
+        match_count = group_response.data.security_groups.count
+        fail("No groups found called #{source_group_name}") if match_count == 0
         source_group_id = group_response.data.security_groups.first.group_id
-        Puppet.warning "Multiple groups found called #{source_group_name}, using #{source_group_id}" if group_response.data.security_groups.count > 1
+        Puppet.warning "#{match_count} groups found called #{source_group_name}, using #{source_group_id}" if match_count > 1
 
         permissions = ['tcp', 'udp', 'icmp'].collect do |protocol|
           {