From 06704bb94fb17e1875baa8f3332cf310691ed66e Mon Sep 17 00:00:00 2001
From: Justin Santa Barbara
Date: Wed, 25 Mar 2015 09:56:53 -0700
Subject: [PATCH] Security group should be scoped to our vpc

Note that security group names only need to be unique with a VPC as well, which is handy here.
---
 cluster/aws/util.sh | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/cluster/aws/util.sh b/cluster/aws/util.sh
index a6648ef4bcc..e2ef4cf2823 100644
--- a/cluster/aws/util.sh
+++ b/cluster/aws/util.sh
@@ -53,10 +53,6 @@ function get_route_table_id {
 python -c "import json,sys; lst = [str(route_table['RouteTableId']) for route_table in json.load(sys.stdin)['RouteTables'] if route_table['VpcId'] == '$1']; print ''.join(lst)"
 }

-function get_sec_group_id {
- python -c 'import json,sys; lst = [str(group["GroupId"]) for group in json.load(sys.stdin)["SecurityGroups"] if group["GroupName"] == "kubernetes-sec-group"]; print "".join(lst)'
-}
-
 function get_elbs_in_vpc {
 # ELB doesn't seem to be on the same platform as the rest of AWS; doesn't support filtering
 $AWS_ELB_CMD describe-load-balancers | \
@@ -395,7 +391,11 @@ function kube-up {
 echo "Using Route Table $ROUTE_TABLE_ID"
- SEC_GROUP_ID=$($AWS_CMD describe-security-groups | get_sec_group_id)
+ SEC_GROUP_ID=$($AWS_CMD --output text describe-security-groups \
+ --filters Name=vpc-id,Values=$VPC_ID \
+ Name=group-name,Values=kubernetes-sec-group \
+ --query SecurityGroups[].GroupId \
+ | tr "\t" "\n")
 if [ -z "$SEC_GROUP_ID" ]; then
 echo "Creating security group."
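Review bot: In the kube-up hunk, the new `describe-security-groups` call passes `$VPC_ID` and the JMESPath expression unquoted, so both go through the shell's word splitting and glob handling before the AWS CLI sees them. I would quote them: `--filters "Name=vpc-id,Values=$VPC_ID" \` and `--query 'SecurityGroups[].GroupId' \`. Separately, the `tr "\t" "\n"` means `SEC_GROUP_ID` can hold several IDs, one per line, while the visible `[ -z "$SEC_GROUP_ID" ]` check only handles the empty case. A pre-existing `kubernetes-sec-group` in the VPC is also reused without its rules being inspected, which deserves a comment so operators know the cluster inherits that group's ingress rules. kube-up starts and ends outside this hunk, so later handling of a multi-line value may already exist.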