@Override public SecurityGroup apply(ZoneSecurityGroupNamePortsCidrs input) { checkNotNull(input, "input"); String zoneId = input.getZone(); Zone zone = zoneIdToZone.get().getUnchecked(zoneId); checkArgument(supportsSecurityGroups().apply(zone), "Security groups are required, but the zone %s does not support security groups", zoneId); logger.debug(">> creating securityGroup %s", input); try { SecurityGroup securityGroup = client.getSecurityGroupApi().createSecurityGroup(input.getName()); logger.debug("<< created securityGroup(%s)", securityGroup); ImmutableSet<String> cidrs; if (!input.getCidrs().isEmpty()) { cidrs = ImmutableSet.copyOf(input.getCidrs()); } else { cidrs = ImmutableSet.of("0.0.0.0/0"); } for (int port : input.getPorts()) { authorizeGroupToItselfAndToTCPPortAndCidr(client, securityGroup, port, cidrs); } return securityGroup; } catch (IllegalStateException e) { logger.trace("<< trying to find securityGroup(%s): %s", input, e.getMessage()); SecurityGroup group = client.getSecurityGroupApi().getSecurityGroupByName(input.getName()); logger.debug("<< reused securityGroup(%s)", group.getId()); return group; } }