[cloud]Ensure SGs in default VPCs get default egress rule (#38018)

SGs created when a VPC ID was not specified would not necessarily get the default egress rule, even when no explicit egress rules were set. Add some checks for egress rules in results from existing tests
2026-05-08 06:12:51 +00:00 · 2018-03-29 02:53:35 +10:00
parent 9dfb665e43
commit 98b29f8ad6
2 changed files with 7 additions and 1 deletions
--- a/lib/ansible/modules/cloud/amazon/ec2_group.py
+++ b/lib/ansible/modules/cloud/amazon/ec2_group.py
@@ -941,7 +941,7 @@ def main():
                    # If rule already exists, don't later delete it
                    changed, ip_permission = authorize_ip("out", changed, client, group, groupRules, ipv6,
                                                          ip_permission, module, rule, "ipv6")
-        elif vpc_id is not None:
+        elif 'VpcId' in group:
            # when no egress rules are specified and we're in a VPC,
            # we add in a default allow all out rule, which was the
            # default behavior before egress rules were added