From 2cf97ef19394b41f7834a5f5c431f08b26b9ea0c Mon Sep 17 00:00:00 2001
From: Shawn Falkner-Horine <dreadpirateshawn@gmail.com>
Date: Wed, 10 Sep 2014 11:15:43 -0700
Subject: [PATCH] VPC: Added default security group upon creation.

---
 moto/ec2/models.py          | 13 +++++++++++--
 tests/test_ec2/test_vpcs.py | 16 ++++++++++++++++
 2 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/moto/ec2/models.py b/moto/ec2/models.py
index e64e78e09..13dba1231 100644
--- a/moto/ec2/models.py
+++ b/moto/ec2/models.py
@@ -857,7 +857,7 @@ class SecurityGroupBackend(object):
 
         if name == 'default':
             # If the request is for the default group and it does not exist, create it
-            default_group = ec2_backend.create_security_group("default", "The default security group", force=True)
+            default_group = ec2_backend.create_security_group("default", "The default security group", vpc_id=vpc_id, force=True)
             return default_group
 
     def authorize_security_group_ingress(self,
@@ -1116,9 +1116,13 @@ class VPCBackend(object):
         vpc = VPC(vpc_id, cidr_block)
         self.vpcs[vpc_id] = vpc
 
-        # AWS creates a default main route table.
+        # AWS creates a default main route table and security group.
         main_route_table = self.create_route_table(vpc_id, main=True)
 
+        default = ec2_backend.get_security_group_from_name('default', vpc_id=vpc_id)
+        if not default:
+            ec2_backend.create_security_group('default', 'default VPC security group', vpc_id=vpc_id)
+
         return vpc
 
     def get_vpc(self, vpc_id):
@@ -1140,6 +1144,11 @@ class VPCBackend(object):
         for route_table in route_tables:
             ec2_backend.delete_route_table(route_table.id)
 
+        # Delete default security group if exists.
+        default = ec2_backend.get_security_group_from_name('default', vpc_id=vpc_id)
+        if default:
+            ec2_backend.delete_security_group(group_id=default.id)
+
         # Now delete VPC.
         vpc = self.vpcs.pop(vpc_id, None)
         if not vpc:
diff --git a/tests/test_ec2/test_vpcs.py b/tests/test_ec2/test_vpcs.py
index c121d0a52..05a5e865e 100644
--- a/tests/test_ec2/test_vpcs.py
+++ b/tests/test_ec2/test_vpcs.py
@@ -31,6 +31,22 @@ def test_vpcs():
     cm.exception.request_id.should_not.be.none
 
 
+@mock_ec2
+def test_vpc_defaults():
+    conn = boto.connect_vpc('the_key', 'the_secret')
+    vpc = conn.create_vpc("10.0.0.0/16")
+
+    conn.get_all_vpcs().should.have.length_of(1)
+    conn.get_all_route_tables().should.have.length_of(1)
+    conn.get_all_security_groups().should.have.length_of(1)
+
+    vpc.delete()
+
+    conn.get_all_vpcs().should.have.length_of(0)
+    conn.get_all_route_tables().should.have.length_of(0)
+    conn.get_all_security_groups().should.have.length_of(0)
+
+
 @mock_ec2
 def test_vpc_tagging():
     conn = boto.connect_vpc()