Fix security group tags. Closes #301.

moto/ec2/models.py

@@ -163,7 +163,7 @@ class NetworkInterface(object):
                 group = self.ec2_backend.get_security_group_from_id(group_id)
                 if not group:
                     # Create with specific group ID.
-                    group = SecurityGroup(group_id, group_id, group_id, vpc_id=subnet.vpc_id)
+                    group = SecurityGroup(group.ec2_backend, group_id, group_id, group_id, vpc_id=subnet.vpc_id)
                     self.ec2_backend.groups[subnet.vpc_id][group_id] = group
                 if group:
                     self._group_set.append(group)
@@ -1016,8 +1016,9 @@ class SecurityRule(object):
         return self.unique_representation == other.unique_representation
 
 
-class SecurityGroup(object):
+class SecurityGroup(TaggedEC2Resource):
-    def __init__(self, group_id, name, description, vpc_id=None):
+    def __init__(self, ec2_backend, group_id, name, description, vpc_id=None):
+        self.ec2_backend = ec2_backend
         self.id = group_id
         self.name = name
         self.description = description
@@ -1116,7 +1117,7 @@ class SecurityGroupBackend(object):
             existing_group = self.get_security_group_from_name(name, vpc_id)
             if existing_group:
                 raise InvalidSecurityGroupDuplicateError(name)
-        group = SecurityGroup(group_id, name, description, vpc_id=vpc_id)
+        group = SecurityGroup(self, group_id, name, description, vpc_id=vpc_id)
 
         self.groups[vpc_id][group_id] = group
         return group

moto/ec2/responses/security_groups.py

@@ -133,6 +133,16 @@ DESCRIBE_SECURITY_GROUPS_RESPONSE = """<DescribeSecurityGroupsResponse xmlns="ht
                 {% endfor %}
              </ipPermissions>
              <ipPermissionsEgress/>
+             <tagSet>
+               {% for tag in group.get_tags() %}
+                 <item>
+                   <resourceId>{{ tag.resource_id }}</resourceId>
+                   <resourceType>{{ tag.resource_type }}</resourceType>
+                   <key>{{ tag.key }}</key>
+                   <value>{{ tag.value }}</value>
+                 </item>
+               {% endfor %}
+             </tagSet>
           </item>
       {% endfor %}
    </securityGroupInfo>

tests/test_ec2/test_security_groups.py

@@ -1,6 +1,6 @@
 from __future__ import unicode_literals
 # Ensure 'assert_raises' context manager support for Python 2.6
-import tests.backport_assert_raises
+import tests.backport_assert_raises  # noqa
 from nose.tools import assert_raises
 
 import boto
@@ -201,7 +201,7 @@ def test_authorize_group_in_vpc():
 def test_get_all_security_groups():
     conn = boto.connect_ec2()
     sg1 = conn.create_security_group(name='test1', description='test1', vpc_id='vpc-mjm05d27')
-    sg2 = conn.create_security_group(name='test2', description='test2')
+    conn.create_security_group(name='test2', description='test2')
 
     resp = conn.get_all_security_groups(groupnames=['test1'])
     resp.should.have.length_of(1)
@@ -232,3 +232,19 @@ def test_authorize_bad_cidr_throws_invalid_parameter_value():
     cm.exception.code.should.equal('InvalidParameterValue')
     cm.exception.status.should.equal(400)
     cm.exception.request_id.should_not.be.none
+
+
+@mock_ec2
+def test_security_group_tagging():
+    conn = boto.connect_vpc()
+    vpc = conn.create_vpc("10.0.0.0/16")
+    sg = conn.create_security_group("test-sg", "Test SG", vpc.id)
+    sg.add_tag("Test", "Tag")
+
+    tag = conn.get_all_tags()[0]
+    tag.name.should.equal("Test")
+    tag.value.should.equal("Tag")
+
+    group = conn.get_all_security_groups("test-sg")[0]
+    group.tags.should.have.length_of(1)
+    group.tags["Test"].should.equal("Tag")