Fixing issue Netflix#40 SG Name Collisions

Security Monkey was unaware that security group names in different VPC's could collide. Security group names in EC2 may also collide with a VPC security group name. The fix is to include the security group ID and optionally the VPC ID to the name stored by security_monkey.
markofu · Aug 11, 2014 · 10d16c2 · 10d16c2
1 parent 9172472
commit 10d16c2
Showing 1 changed file with 9 additions and 2 deletions.
diff --git a/security_monkey/watchers/security_group.py b/security_monkey/watchers/security_group.py
@@ -106,7 +106,14 @@ def slurp(self):
               item_config['rules'].append(rule_config)
           item_config['rules'] = sorted(item_config['rules'])
 
-          item = SecurityGroupItem(region=region.name, account=account, name=sg.name, config=item_config)
+          # Issue 40: Security Groups can have a name collision between EC2 and
+          # VPC or between different VPCs within a given region.
+          if sg.vpc_id:
+              sg_name = "{0} ({1} in {2})".format(sg.name, sg.id, sg.vpc_id)
+          else:
+              sg_name = "{0} ({1})".format(sg.name, sg.id)
+
+          item = SecurityGroupItem(region=region.name, account=account, name=sg_name, config=item_config)
           item_list.append(item)
 
     return item_list, exception_map
@@ -119,4 +126,4 @@ def __init__(self, region=None, account=None, name=None, config={}):
       region=region,
       account=account,
       name=name,
-      new_config=config)
+      new_config=config)