Fixes issue 697 -- only purge the grants that need to be purged

lib/ansible/modules/cloud/amazon/ec2_group.py

@@ -128,7 +128,7 @@ def make_rule_key(prefix, rule, group_id, cidr_ip):
 def addRulesToLookup(rules, prefix, dict):
     for rule in rules:
         for grant in rule.grants:
-            dict[make_rule_key(prefix, rule, grant.group_id, grant.cidr_ip)] = rule
+            dict[make_rule_key(prefix, rule, grant.group_id, grant.cidr_ip)] = (rule, grant)
 
 
 def get_target_from_rule(module, ec2, rule, name, group, groups, vpc_id):
@@ -304,8 +304,7 @@ def main():
 
         # Finally, remove anything left in the groupRules -- these will be defunct rules
         if purge_rules:
-            for rule in groupRules.itervalues() :
+            for (rule, grant) in groupRules.itervalues() :
-                for grant in rule.grants:
                 grantGroup = None
                 if grant.group_id:
                     grantGroup = groups[grant.group_id]
@@ -369,8 +368,7 @@ def main():
 
         # Finally, remove anything left in the groupRules -- these will be defunct rules
         if purge_rules_egress:
-            for rule in groupRules.itervalues():
+            for (rule, grant) in groupRules.itervalues():
-                for grant in rule.grants:
                 grantGroup = None
                 if grant.group_id:
                     grantGroup = groups[grant.group_id].id