From 898375418de9a7a81ca4bb67b2bf4fbcaf172c8a Mon Sep 17 00:00:00 2001
From: Eugene Brevdo <ebrevdo@svbio.com>
Date: Wed, 9 Apr 2014 13:32:47 -0700
Subject: [PATCH] VPC security group membership fix for boto.

* facts now provides a list of existing vpc security group memberships
* adding a comma separated list of sg-* tags properly modifies membership
---
 cloud/rds | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/cloud/rds b/cloud/rds
index cde7c5bcf20..00a4e1a59f8 100644
--- a/cloud/rds
+++ b/cloud/rds
@@ -465,7 +465,9 @@ def main():
         params["security_groups"] = security_groups.split(',')
 
     if vpc_security_groups:
-        params["vpc_security_groups"] = vpc_security_groups.split(',')
+        params["vpc_security_groups"] = [
+            boto.rds.VPCSecurityGroupMembership(vpc_group=x) if x else None
+            for x in vpc_security_groups.split(',')]
 
     if new_instance_name:
         params["new_instance_id"] = new_instance_name
@@ -618,9 +620,14 @@ def main():
     if resource.status == 'available' and command != 'snapshot':
         d["endpoint"] = resource.endpoint[0]
         d["port"] = resource.endpoint[1]
+        if resource.vpc_security_groups is not None:
+            d["vpc_security_groups"] = ','.join(x.vpc_group for x in resource.vpc_security_groups)
+        else:
+            d["vpc_security_groups"] = None
     else:
         d["endpoint"] = None
         d["port"] = None
+        d["vpc_security_groups"] = None
 
     # ReadReplicaSourceDBInstanceIdentifier may or may not exist
     try: