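--- a/lib/terraforming/resource/security_group.rb	terraforming-0.7.0
+++ b/lib/terraforming/resource/security_group.rb	terraforming-0.8.0
@@ -72,17 +72,22 @@
 def group_hashcode_of(group)
 Zlib.crc32(group)
 end
 def module_name_of(security_group)
-normalize_module_name("#{security_group.group_id}-#{security_group.group_name}")
+if security_group.vpc_id.nil?
+normalize_module_name("#{security_group.group_name}")
+else
+normalize_module_name("#{security_group.vpc_id}-#{security_group.group_name}")
+end
 end
 def permission_attributes_of(security_group, permission, type)
 hashcode = permission_hashcode_of(security_group, permission)
-security_groups = security_groups_in(permission).reject { |group_id| group_id == security_group.group_id }
+security_groups = security_groups_in(permission, security_group).reject { |group_name| group_name == security_group.group_name }.reject { |group_id| group_id == security_group.group_id }
+
 attributes = {
 "#{type}.#{hashcode}.from_port" => (permission.from_port || 0).to_s,
 "#{type}.#{hashcode}.to_port" => (permission.to_port || 0).to_s,
 "#{type}.#{hashcode}.protocol" => permission.ip_protocol,
 "#{type}.#{hashcode}.cidr_blocks.#" => permission.ip_ranges.length.to_s,
@@ -136,24 +141,35 @@
 "#{permission.to_port || 0}-" <<
 "#{permission.ip_protocol}-" <<
 "#{self_referenced_permission?(security_group, permission).to_s}-"
 permission.ip_ranges.each { |range| string << "#{range.cidr_ip}-" }
-security_groups_in(permission).each { |group| string << "#{group}-" }
+security_groups_in(permission, security_group).each { |group| string << "#{group}-" }
 Zlib.crc32(string)
 end
 def self_referenced_permission?(security_group, permission)
-security_groups_in(permission).include?(security_group.group_id)
+(security_groups_in(permission, security_group) & [security_group.group_id, security_group.group_name]).any?
 end
 def security_groups
 @client.describe_security_groups.security_groups
 end
-def security_groups_in(permission)
-permission.user_id_group_pairs.map { |range| range.group_id }
+def security_groups_in(permission, security_group)
+permission.user_id_group_pairs.map { |range|
+# EC2-Classic, same account
+if security_group.owner_id == range.user_id && !range.group_name.nil?
+range.group_name
+# VPC
+elsif security_group.owner_id == range.user_id && range.group_name.nil?
+range.group_id
+# EC2-Classic, other account
+else
+"#{range.user_id}/#{range.group_name}"
+end
+}
 end
 def tags_attributes_of(security_group)
 tags = security_group.tags
 attributes = { "tags.#" => tags.length.to_s }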
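Review bot: The `else` branch of `security_groups_in` interpolates `range.group_name` without a nil check, although the two branches above it treat a nil name as the sign of a VPC pair. Any pair owned by another account lands there, so one returned without a name (presumably a reference to a group in a peered VPC) is exported as `"<account id>/"`, and two such pairs from the same account collapse to the same string in `permission_hashcode_of` as well. The exported rule would then no longer name the source group the live rule admits, which is easy to miss when the export is reviewed or applied. I would add a branch before the `else`, `elsif range.group_name.nil?` returning `"#{range.user_id}/#{range.group_id}"` (format to be confirmed against what the Terraform provider accepts), and reword the comment to say the last branch is the cross-account EC2-Classic case only.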