From 10d16c2ac02250c5c63571153eba705f58b870e4 Mon Sep 17 00:00:00 2001
From: Patrick Kelley
Date: Mon, 11 Aug 2014 13:43:01 -0700
Subject: [PATCH] Fixing issue #40 SG Name Collisions Security Monkey was unaware that security group names in different VPC's could collide. Security group names in EC2 may also collide with a VPC security group name. The fix is to include the security group ID and optionally the VPC ID to the name stored by security_monkey.
---
 security_monkey/watchers/security_group.py | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/security_monkey/watchers/security_group.py b/security_monkey/watchers/security_group.py
index e03658d39..94c0417bf 100644
--- a/security_monkey/watchers/security_group.py
+++ b/security_monkey/watchers/security_group.py
@@ -106,7 +106,14 @@ def slurp(self):
 item_config['rules'].append(rule_config)
 item_config['rules'] = sorted(item_config['rules'])
- item = SecurityGroupItem(region=region.name, account=account, name=sg.name, config=item_config)
+ # Issue 40: Security Groups can have a name collision between EC2 and
+ # VPC or between different VPCs within a given region.
+ if sg.vpc_id:
+ sg_name = "{0} ({1} in {2})".format(sg.name, sg.id, sg.vpc_id)
+ else:
+ sg_name = "{0} ({1})".format(sg.name, sg.id)
+
+ item = SecurityGroupItem(region=region.name, account=account, name=sg_name, config=item_config)
 item_list.append(item)
 return item_list, exception_map
@@ -119,4 +126,4 @@ def __init__(self, region=None, account=None, name=None, config={}):
 region=region,
 account=account,
 name=name,
- new_config=config)
\ No newline at end of file
+ new_config=config)
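Review bot: The new `sg_name` format in `slurp` changes the stored name of every security group, not only the colliding ones, and nothing in this hunk carries existing records over to the new name. If the name is what items are matched on between runs (the commit message suggests it is, but the matching code is outside the hunk), the first run after upgrade would presumably show every group as deleted and re-created, which buries real rule changes in noise and detaches earlier audit history from the group. I would state that next to the format, e.g. `# NOTE: this string is the stored item name; changing its format renames every tracked group on the next run`, and either mention the one-time churn in the release notes or rename existing rows in a migration. `slurp` starts and ends outside the hunk.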