From 3156df9931e3eabb1f3a7dccf02a73e35d97c228 Mon Sep 17 00:00:00 2001
From: Maykel Moya <mmoya@mmoya.org>
Date: Thu, 20 Mar 2014 17:20:21 +0100
Subject: [PATCH] ec2_group: Request a fresh group object after creation

When a group is created, an egress_rule ALLOW ALL to 0.0.0.0/0 is added
automatically but it's not reflected in the object returned by the AWS API
call. After creation we re-read the group for getting an updated object.
---
 library/cloud/ec2_group | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/library/cloud/ec2_group b/library/cloud/ec2_group
index ede8050c0a9..f15756c97ab 100644
--- a/library/cloud/ec2_group
+++ b/library/cloud/ec2_group
@@ -248,6 +248,12 @@ def main():
             '''no match found, create it'''
             if not module.check_mode:
                 group = ec2.create_security_group(name, description, vpc_id=vpc_id)
+
+                # When a group is created, an egress_rule ALLOW ALL
+                # to 0.0.0.0/0 is added automatically but it's not
+                # reflected in the object returned by the AWS API
+                # call. We re-read the group for getting an updated object
+                group = ec2.get_all_security_groups(group_ids=(group.id,))[0]
             changed = True
     else:
         module.fail_json(msg="Unsupported state requested: %s" % state)