func revoke(c cmd, conn *ec2.EC2, args []string) {
if len(args) < 1 {
c.usage()
}
_, err := conn.RevokeSecurityGroup(parseGroup(args[0]), ipPerms(args[1:]))
check(err, "revokeSecurityGroup")
}
// createGroup creates a new EC2 group and returns it. If it already exists,
// it revokes all its permissions and returns the existing group.
func createGroup(c *gc.C, ec2conn *amzec2.EC2, name, descr string) amzec2.SecurityGroup {
resp, err := ec2conn.CreateSecurityGroup("", name, descr)
if err == nil {
return resp.SecurityGroup
}
if err.(*amzec2.Error).Code != "InvalidGroup.Duplicate" {
c.Fatalf("cannot make group %q: %v", name, err)
}
// Found duplicate group, so revoke its permissions and return it.
gresp, err := ec2conn.SecurityGroups(amzec2.SecurityGroupNames(name), nil)
c.Assert(err, jc.ErrorIsNil)
gi := gresp.Groups[0]
if len(gi.IPPerms) > 0 {
_, err = ec2conn.RevokeSecurityGroup(gi.SecurityGroup, gi.IPPerms)
c.Assert(err, jc.ErrorIsNil)
}
return gi.SecurityGroup
}