EC2: Simplify describe_sg_rules() logic (#5875)

2023-01-24 22:35:55 -01:00 · 2023-01-24 22:35:55 -01:00 · 6d41ad72e0
commit 6d41ad72e0
parent 4700c3efea
2 changed files with 19 additions and 24 deletions
--- a/moto/ec2/models/security_groups.py
+++ b/moto/ec2/models/security_groups.py
@ -521,18 +521,11 @@ class SecurityGroupBackend:
        return matches

    def describe_security_group_rules(self, group_ids=None, filters=None):
-        matches = itertools.chain(*[x.copy().values() for x in self.groups.values()])
-        if group_ids:
-            matches = [grp for grp in matches if grp.id in group_ids]
-            if len(group_ids) > len(matches):
-                unknown_ids = set(group_ids) - set(matches)
-                raise InvalidSecurityGroupNotFoundError(unknown_ids)
-        if filters:
-            matches = [grp for grp in matches if grp.matches_filters(filters)]
-            if not matches:
-                raise InvalidSecurityGroupNotFoundError(
-                    "No security groups found matching the filters provided."
-                )
+        matches = self.describe_security_groups(group_ids=group_ids, filters=filters)
+        if not matches:
+            raise InvalidSecurityGroupNotFoundError(
+                "No security groups found matching the filters provided."
+            )
        rules = []
        for group in matches:
            rules.extend(group.ingress_rules)
--- a/moto/ec2/responses/security_groups.py
+++ b/moto/ec2/responses/security_groups.py
@ -251,20 +251,22 @@ DESCRIBE_SECURITY_GROUP_RULES_RESPONSE = """
 <DescribeSecurityGroupRulesResponse xmlns="http://ec2.amazonaws.com/doc/2016-11-15/">
  <requestId>{{ request_id }}</requestId>
  <securityGroupRuleSet>
-      {% for rule in rules %}
+    {% for rule in rules %}
    <item>
        {% if rule.from_port is not none %}
-       <fromPort>{{ rule.from_port }}</fromPort>
-       {% endif %}
-       {% if rule.to_port is not none %}
-       <toPort>{{ rule.to_port }}</toPort>
-       {% endif %}
-        <cidrIpv4>{{ rule.ip_ranges[0]['CidrIp'] }}</cidrIpv4>
-      <ipProtocol>{{ rule.ip_protocol }}</ipProtocol>
-      <groupOwnerId>{{ rule.owner_id }}</groupOwnerId>
-      <isEgress>true</isEgress>
-      <securityGroupRuleId>{{ rule.id }}</securityGroupRuleId>
-        </item>
+        <fromPort>{{ rule.from_port }}</fromPort>
+        {% endif %}
+        {% if rule.to_port is not none %}
+          <toPort>{{ rule.to_port }}</toPort>
+        {% endif %}
+        {% if rule.ip_ranges %}
+          <cidrIpv4>{{ rule.ip_ranges[0]['CidrIp'] }}</cidrIpv4>
+        {% endif %}
+        <ipProtocol>{{ rule.ip_protocol }}</ipProtocol>
+        <groupOwnerId>{{ rule.owner_id }}</groupOwnerId>
+        <isEgress>true</isEgress>
+        <securityGroupRuleId>{{ rule.id }}</securityGroupRuleId>
+    </item>
    {% endfor %}
  </securityGroupRuleSet>
 </DescribeSecurityGroupRulesResponse>"""