fog 1.0.0 → 1.1.0

data/lib/fog/zerigo/requests/dns/update_host.rb

@@ -18,7 +18,7 @@ module Fog
         # * response<~Excon::Response>: 
         #   * 'status'<~Integer> - 200 for success
         #
-        def update_host( host_id, options = {})
+        def update_host(host_id, options = {})
 
           optional_tags= ''
           options.each { |option, value|
@@ -47,6 +47,25 @@ module Fog
         end
 
       end
+
+      class Mock # :nodoc:all
+        def update_host(host_id, options = {})
+          host = find_host(host_id)
+
+          response = Excon::Response.new
+
+          if host
+            options.each { |k, v| host[k.to_s] = v } # Deal with symbols in requests but strings in responses.
+            host['updated-at'] = Time.now
+
+            response.status = 200
+          else
+            response.status = 404
+          end
+
+          response
+        end
+      end
     end
   end
 end

data/lib/fog/zerigo/requests/dns/update_zone.rb

@@ -24,7 +24,7 @@ module Fog
         # ==== Returns
         # * response<~Excon::Response>:
         #   * 'status'<~Integer> - 200 for success
-        def update_zone( zone_id, options = {})
+        def update_zone(zone_id, options = {})
 
           optional_tags= ''
           options.each { |option, value|
@@ -65,6 +65,25 @@ module Fog
         end
 
       end
+
+      class Mock # :nodoc:all
+        def update_zone(zone_id, options = {})
+          zone = find_by_zone_id(zone_id)
+
+          response = Excon::Response.new
+
+          if zone
+            options.each { |k, v| zone[k.to_s] = v } # Deal with symbols in requests but strings in responses.
+            zone['updated-at'] = Time.now
+
+            response.status = 200
+          else
+            response.status = 404
+          end
+
+          response
+        end
+      end
     end
   end
 end

data/tests/aws/models/cloud_watch/alarm_data_tests.rb

@@ -0,0 +1,42 @@
+Shindo.tests("AWS::CloudWatch | alarm_data", ['aws', 'cloudwatch']) do
+
+  pending if Fog.mocking?
+
+  tests('success') do
+    tests("#all").succeeds do
+      Fog::AWS[:cloud_watch].alarm_data.all
+    end
+
+    alarm_name_prefix = {'AlarmNamePrefix'=>'tmp'}
+    tests("#all_by_prefix").succeeds do
+      Fog::AWS[:cloud_watch].alarm_data.all(alarm_name_prefix)
+    end
+
+    namespace = 'AWS/EC2'
+    metric_name = 'CPUUtilization'
+
+    tests("#get").succeeds do
+      Fog::AWS[:cloud_watch].alarm_data.get(namespace, metric_name).to_json
+    end
+
+    new_attributes = {
+      :alarm_name => 'tmp-alarm',
+      :comparison_operator => 'GreaterThanOrEqualToThreshold',
+      :evaluation_periods => 1,
+      :metric_name => 'tmp-metric-alarm',
+      :namespace => 'fog-0.11.0',
+      :period => 60,
+      :statistic => 'Sum',
+      :threshold => 5
+      }
+    tests('#new').returns(new_attributes) do
+      Fog::AWS[:cloud_watch].alarm_data.new(new_attributes).attributes
+    end
+
+    tests('#create').returns(new_attributes) do
+      Fog::AWS[:cloud_watch].alarm_data.create(new_attributes).attributes
+    end
+
+  end
+
+end

data/tests/aws/models/cloud_watch/alarm_history_tests.rb

@@ -0,0 +1,22 @@
+Shindo.tests("AWS::CloudWatch | alarm_histories", ['aws', 'cloudwatch']) do
+
+  pending if Fog.mocking?
+
+  tests('success') do
+    tests("#all").succeeds do
+      Fog::AWS[:cloud_watch].alarm_histories.all
+    end
+
+  new_attributes = {
+      :alarm_name => 'tmp-alarm',
+      :end_date => '',
+      :history_item_type => 'StateUpdate',
+      :max_records => 1,
+      :start_date => ''
+    }
+    tests('#new').returns(new_attributes) do
+      Fog::AWS[:cloud_watch].alarm_histories.new(new_attributes).attributes
+    end
+  end
+
+end

data/tests/aws/models/compute/security_group_tests.rb

@@ -2,17 +2,10 @@ Shindo.tests("Fog::Compute[:aws] | security_group", ['aws']) do
 
   model_tests(Fog::Compute[:aws].security_groups, {:description => 'foggroupdescription', :name => 'foggroupname'}, true)
 
-  tests("a group with trailing whitespace") do
-    @group = Fog::Compute[:aws].security_groups.create(:name => "foggroup with spaces   ", :description => "   fog group desc   ")
-    test("name is correct") do
-      @group.name ==  "foggroup with spaces   "
-    end
-
-    test("description is correct") do
-      @group.description == "   fog group desc   "
-    end
+  tests("authorize and revoke helpers") do
+    @group = Fog::Compute[:aws].security_groups.create(:name => "foggroup", :description => "fog group desc")
 
-    @other_group = Fog::Compute[:aws].security_groups.create(:name => 'other group', :description => 'another group')
+    @other_group = Fog::Compute[:aws].security_groups.create(:name => 'fog other group', :description => 'another fog group')
 
     test("authorize access by another security group") do
       @group.authorize_group_and_owner(@other_group.name)
@@ -26,6 +19,18 @@ Shindo.tests("Fog::Compute[:aws] | security_group", ['aws']) do
       @group.ip_permissions.empty?
     end
 
+    test("authorize access to a port range") do
+      @group.authorize_port_range(5000..6000)
+      @group.reload
+      @group.ip_permissions.size == 1
+    end
+
+    test("revoke access to a port range") do
+      @group.revoke_port_range(5000..6000)
+      @group.reload
+      @group.ip_permissions.empty?
+    end
+
     @other_group.destroy
     @group.destroy
   end

data/tests/aws/models/elb/model_tests.rb

@@ -33,7 +33,7 @@ Shindo.tests('AWS::ELB | models', ['aws', 'elb']) do
 
     tests('create') do
       tests('without availability zones') do
-        elb = Fog::AWS[:elb].load_balancers.create(:id => elb_id)
+        elb = Fog::AWS[:elb].load_balancers.create(:id => elb_id, :availability_zones => @availability_zones)
         tests("availability zones are correct").returns(@availability_zones.sort) { elb.availability_zones.sort }
         tests("dns names is set").returns(true) { elb.dns_name.is_a?(String) }
         tests("created_at is set").returns(true) { Time === elb.created_at }
@@ -54,7 +54,7 @@ Shindo.tests('AWS::ELB | models', ['aws', 'elb']) do
       # Need to sleep here for IAM changes to propgate
       tests('with ListenerDescriptions') do
         @certificate = Fog::AWS[:iam].upload_server_certificate(AWS::IAM::SERVER_CERT_PUBLIC_KEY, AWS::IAM::SERVER_CERT_PRIVATE_KEY, @key_name).body['Certificate']
-        sleep(8) unless Fog.mocking?
+        sleep(10) unless Fog.mocking?
         listeners = [{
             'Listener' => {
               'LoadBalancerPort' => 2030, 'InstancePort' => 2030, 'Protocol' => 'HTTP'
@@ -67,7 +67,7 @@ Shindo.tests('AWS::ELB | models', ['aws', 'elb']) do
             },
             'PolicyNames' => []
           }]
-        elb3 = Fog::AWS[:elb].load_balancers.create(:id => "#{elb_id}-3", 'ListenerDescriptions' => listeners)
+        elb3 = Fog::AWS[:elb].load_balancers.create(:id => "#{elb_id}-3", 'ListenerDescriptions' => listeners, :availability_zones => @availability_zones)
         tests('there are 2 listeners').returns(2) { elb3.listeners.count }
         tests('instance_port is 2030').returns(2030) { elb3.listeners.first.instance_port }
         tests('lb_port is 2030').returns(2030) { elb3.listeners.first.lb_port }
@@ -81,7 +81,7 @@ Shindo.tests('AWS::ELB | models', ['aws', 'elb']) do
           'Listener' => {
           'LoadBalancerPort' => 443, 'InstancePort' => 80, 'Protocol' => 'HTTPS', "SSLCertificateId" => "fakecert"}
         }]
-        Fog::AWS[:elb].load_balancers.create(:id => "#{elb_id}-4", "ListenerDescriptions" => listeners)
+        Fog::AWS[:elb].load_balancers.create(:id => "#{elb_id}-4", "ListenerDescriptions" => listeners, :availability_zones => @availability_zones)
       end
     end
 

data/tests/aws/requests/cloud_formation/stack_tests.rb

@@ -18,6 +18,11 @@ Shindo.tests('AWS::CloudFormation | stack requests', ['aws', 'cloudformation'])
     'StackId'   => String
   }
 
+  @update_stack_format = {
+    'RequestId' => String,
+    'StackId'   => String
+  }
+
   @get_template_format = {
     'RequestId'     => String,
     'TemplateBody'  => String
@@ -103,6 +108,15 @@ Shindo.tests('AWS::CloudFormation | stack requests', ['aws', 'cloudformation'])
       ).body
     end
 
+    tests("update_stack('#{@stack_name}', 'TemplateURL' => '#{@template_url}', Parameters => {'KeyName' => 'cloudformation'})").formats(@update_stack_format) do
+      pending if Fog.mocking?
+      Fog::AWS[:cloud_formation].update_stack(
+        @stack_name,
+        'TemplateURL' => @template_url,
+        'Parameters'  => {'KeyName' => 'cloudformation'}
+      ).body
+    end
+
     tests("get_template('#{@stack_name})").formats(@get_template_format) do
       pending if Fog.mocking?
       Fog::AWS[:cloud_formation].get_template(@stack_name).body

data/tests/aws/requests/cloud_watch/list_metrics_test.rb

@@ -3,9 +3,9 @@ Shindo.tests('AWS::CloudWatch | metric requests', ['aws', 'cloudwatch']) do
   tests('success') do
     @metrics_list_format = {
       'ListMetricsResult' => {
-        'Metrics' => 
+        'Metrics' =>
           [{
-            'Dimensions' => 
+            'Dimensions' =>
             [{
               'Name' => String,
               'Value' => String
@@ -20,9 +20,9 @@ Shindo.tests('AWS::CloudWatch | metric requests', ['aws', 'cloudwatch']) do
     @instanceId = 'i-2f3eab59'
     @dimension_filtered_metrics_list_format = {
       'ListMetricsResult' => {
-        'Metrics' => 
+        'Metrics' =>
           [{
-            'Dimensions' => 
+            'Dimensions' =>
             [{
               'Name' => 'InstanceId',
               'Value' => @instanceId
@@ -61,4 +61,4 @@ Shindo.tests('AWS::CloudWatch | metric requests', ['aws', 'cloudwatch']) do
       end
     end
   end
-end
+end

data/tests/aws/requests/compute/image_tests.rb

@@ -31,6 +31,11 @@ Shindo.tests('Fog::Compute[:aws] | image requests', ['aws']) do
     'requestId'             => String
   }
 
+  @modify_image_attribute_format = {
+    'return'                => Fog::Boolean,
+    'requestId'             => String
+  }
+
   tests('success') do
     # the result for this is HUGE and relatively uninteresting...
     # tests("#describe_images").formats(@images_format) do
@@ -39,6 +44,8 @@ Shindo.tests('Fog::Compute[:aws] | image requests', ['aws']) do
     @image_id = 'ami-1aad5273'
 
     if Fog.mocking?
+      @other_account = Fog::Compute::AWS.new(:aws_access_key_id => 'other', :aws_secret_access_key => 'account')
+
       tests("#register_image").formats(@register_image_format) do
         @image = Fog::Compute[:aws].register_image('image', 'image', '/dev/sda1').body
       end
@@ -53,6 +60,26 @@ Shindo.tests('Fog::Compute[:aws] | image requests', ['aws']) do
       tests("#describe_images('state' => 'available')").formats(@describe_images_format) do
         Fog::Compute[:aws].describe_images('state' => 'available').body
       end
+
+      tests("other_account#describe_images('image-id' => '#{@image_id}')").returns([]) do
+        @other_account.describe_images('image-id' => @image_id).body['imagesSet']
+      end
+
+      tests("#modify_image_attribute('#{@image_id}', 'Add.UserId' => ['#{@other_account.data[:owner_id]}'])").formats(@modify_image_attribute_format) do
+        Fog::Compute[:aws].modify_image_attribute(@image_id, { 'Add.UserId' => [@other_account.data[:owner_id]] }).body
+      end
+
+      tests("other_account#describe_images('image-id' => '#{@image_id}')").returns([@image_id]) do
+        @other_account.describe_images('image-id' => @image_id).body['imagesSet'].map {|i| i['imageId'] }
+      end
+
+      tests("#modify_image_attribute('#{@image_id}', 'Remove.UserId' => ['#{@other_account.data[:owner_id]}'])").formats(@modify_image_attribute_format) do
+        Fog::Compute[:aws].modify_image_attribute(@image_id, { 'Remove.UserId' => [@other_account.data[:owner_id]] }).body
+      end
+
+      tests("other_account#describe_images('image-id' => '#{@image_id}')").returns([]) do
+        @other_account.describe_images('image-id' => @image_id).body['imagesSet']
+      end
     end
 
     tests("#describe_images('image-id' => '#{@image_id}')").formats(@describe_images_format) do
@@ -67,10 +94,14 @@ Shindo.tests('Fog::Compute[:aws] | image requests', ['aws']) do
   end
 
   tests('failure') do
-    pending if Fog.mocking?
-
     tests("#modify_image_attribute(nil, { 'Add.Group' => ['all'] })").raises(ArgumentError) do
       Fog::Compute[:aws].modify_image_attribute(nil, { 'Add.Group' => ['all'] }).body
     end
+
+    tests("#modify_image_attribute('ami-00000000', { 'Add.UserId' => ['123456789012'] })").raises(Fog::Compute::AWS::NotFound) do
+      pending unless Fog.mocking?
+
+      Fog::Compute[:aws].modify_image_attribute('ami-00000000', { 'Add.UserId' => ['123456789012'] }).body
+    end
   end
 end

data/tests/aws/requests/compute/instance_tests.rb

@@ -126,7 +126,7 @@ Shindo.tests('Fog::Compute[:aws] | instance requests', ['aws']) do
 
     @instance_id = nil
     # Use a MS Windows AMI to test #get_password_data
-    @windows_ami = 'ami-1cbd4475' # Microsoft Windows Server 2008 R2 Base 64-bit
+    @windows_ami = 'ami-62bd440b' # Amazon Public Images - Basic Microsoft Windows Server 2008 64-bit
 
     # Create a keypair for decrypting the password
     key_name = 'fog-test-key'
@@ -138,6 +138,21 @@ Shindo.tests('Fog::Compute[:aws] | instance requests', ['aws']) do
       data
     end
 
+    if Fog.mocking?
+      # Ensure the new instance doesn't show up in mock describe_instances right away
+      tests("#describe_instances").formats(@describe_instances_format) do
+        body = Fog::Compute[:aws].describe_instances.body
+        instance_ids = body['reservationSet'].map {|reservation| reservation['instancesSet'].map {|instance| instance['instanceId'] } }.flatten
+        test("doesn't include the new instance") { !instance_ids.include?(@instance_id) }
+        body
+      end
+
+      # But querying for the new instance directly should raise an error
+      tests("#describe_instances('instance-id' => '#{@instance_id}')").raises(Fog::Compute::AWS::NotFound) do
+        Fog::Compute[:aws].describe_instances('instance-id' => @instance_id)
+      end
+    end
+
     server = Fog::Compute[:aws].servers.get(@instance_id)
     while server.nil? do
       # It may take a moment to get the server after launching it

data/tests/aws/requests/compute/security_group_tests.rb

@@ -25,25 +25,207 @@ Shindo.tests('Fog::Compute[:aws] | security group requests', ['aws']) do
       Fog::Compute[:aws].create_security_group('fog_security_group', 'tests group').body
     end
 
-    tests("#authorize_security_group_ingress('fog_security_group', {'FromPort' => 80, 'IpProtocol' => 'tcp', 'toPort' => 80})").formats(AWS::Compute::Formats::BASIC) do
-      Fog::Compute[:aws].authorize_security_group_ingress(
-        'fog_security_group',
+    tests("#create_security_group('fog_security_group_two', 'tests group')").formats(AWS::Compute::Formats::BASIC) do
+      Fog::Compute[:aws].create_security_group('fog_security_group_two', 'tests group').body
+    end
+
+    to_be_revoked = []
+    expected_permissions = []
+
+    permission = { 'SourceSecurityGroupName' => 'default' }
+    tests("#authorize_security_group_ingress('fog_security_group', #{permission.inspect})").formats(AWS::Compute::Formats::BASIC) do
+      Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', permission).body
+    end
+
+    to_be_revoked.push([permission, expected_permissions.dup])
+
+    expected_permissions = [
+      {"groups"=>[{"groupName"=>"default", "userId"=>@owner_id}],
+        "fromPort"=>1,
+        "ipRanges"=>[],
+        "ipProtocol"=>"tcp",
+        "toPort"=>65535},
+      {"groups"=>[{"groupName"=>"default", "userId"=>@owner_id}],
+        "fromPort"=>1,
+        "ipRanges"=>[],
+        "ipProtocol"=>"udp",
+        "toPort"=>65535},
+      {"groups"=>[{"groupName"=>"default", "userId"=>@owner_id}],
+        "fromPort"=>-1,
+        "ipRanges"=>[],
+        "ipProtocol"=>"icmp",
+        "toPort"=>-1}
+    ]
+
+    tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
+      array_differences(expected_permissions, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
+    end
+
+    permission = { 'SourceSecurityGroupName' => 'fog_security_group_two', 'SourceSecurityGroupOwnerId' => @owner_id }
+    tests("#authorize_security_group_ingress('fog_security_group', #{permission.inspect})").formats(AWS::Compute::Formats::BASIC) do
+      Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', permission).body
+    end
+
+    to_be_revoked.push([permission, expected_permissions.dup])
+
+    expected_permissions = [
+      {"groups"=>
+        [{"userId"=>@owner_id, "groupName"=>"default"},
+          {"userId"=>@owner_id, "groupName"=>"fog_security_group_two"}],
+        "ipRanges"=>[],
+        "ipProtocol"=>"tcp",
+        "fromPort"=>1,
+        "toPort"=>65535},
+      {"groups"=>
+        [{"userId"=>@owner_id, "groupName"=>"default"},
+          {"userId"=>@owner_id, "groupName"=>"fog_security_group_two"}],
+        "ipRanges"=>[],
+        "ipProtocol"=>"udp",
+        "fromPort"=>1,
+        "toPort"=>65535},
+      {"groups"=>
+        [{"userId"=>@owner_id, "groupName"=>"default"},
+          {"userId"=>@owner_id, "groupName"=>"fog_security_group_two"}],
+        "ipRanges"=>[],
+        "ipProtocol"=>"icmp",
+        "fromPort"=>-1,
+        "toPort"=>-1}
+    ]
+
+    tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
+      array_differences(expected_permissions, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
+    end
+
+    permission = { 'IpProtocol' => 'tcp', 'FromPort' => '22', 'ToPort' => '22' }
+    tests("#authorize_security_group_ingress('fog_security_group', #{permission.inspect})").formats(AWS::Compute::Formats::BASIC) do
+      Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', permission).body
+    end
+
+    to_be_revoked.push([permission, expected_permissions.dup])
+
+    # previous did nothing
+    tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
+      array_differences(expected_permissions, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
+    end
+
+    permission = { 'IpProtocol' => 'tcp', 'FromPort' => '22', 'ToPort' => '22', 'CidrIp' => '10.0.0.0/8' }
+    tests("#authorize_security_group_ingress('fog_security_group', #{permission.inspect})").formats(AWS::Compute::Formats::BASIC) do
+      Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', permission).body
+    end
+
+    to_be_revoked.push([permission, expected_permissions.dup])
+
+    expected_permissions += [
+      {"groups"=>[],
+        "ipRanges"=>[{"cidrIp"=>"10.0.0.0/8"}],
+        "ipProtocol"=>"tcp",
+        "fromPort"=>22,
+        "toPort"=>22}
+    ]
+
+    tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
+      array_differences(expected_permissions, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
+    end
+
+    # authorize with nested IpProtocol without IpRanges or Groups does nothing
+    permissions = {
+      'IpPermissions' => [
+        { 'IpProtocol' => 'tcp', 'FromPort' => '22', 'ToPort' => '22' }
+      ]
+    }
+    tests("#authorize_security_group_ingress('fog_security_group', #{permissions.inspect})").formats(AWS::Compute::Formats::BASIC) do
+      Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', permissions).body
+    end
+
+    to_be_revoked.push([permissions, expected_permissions.dup])
+
+    # previous did nothing
+    tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
+      array_differences(expected_permissions, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
+    end
+
+    # authorize with nested IpProtocol with IpRanges
+    permissions = {
+      'IpPermissions' => [
         {
-          'FromPort' => 80,
-          'IpProtocol' => 'tcp',
-          'ToPort' => 80,
+          'IpProtocol' => 'tcp', 'FromPort' => '80', 'ToPort' => '80',
+          'IpRanges' => [{ 'CidrIp' => '192.168.0.0/24' }]
         }
-      ).body
+      ]
+    }
+    tests("#authorize_security_group_ingress('fog_security_group', #{permissions.inspect})").formats(AWS::Compute::Formats::BASIC) do
+      Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', permissions).body
     end
 
-    tests("#authorize_security_group_ingress('fog_security_group', {'SourceSecurityGroupName' => 'fog_security_group', 'SourceSecurityGroupOwnerId' => '#{@owner_id}'})").formats(AWS::Compute::Formats::BASIC) do
-      Fog::Compute[:aws].authorize_security_group_ingress(
-        'fog_security_group',
+    to_be_revoked.push([permissions, expected_permissions.dup])
+
+    expected_permissions += [
+      {"groups"=>[],
+        "ipRanges"=>[{"cidrIp"=>"192.168.0.0/24"}],
+        "ipProtocol"=>"tcp",
+        "fromPort"=>80,
+        "toPort"=>80}
+    ]
+
+    tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
+      array_differences(expected_permissions, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
+    end
+
+    # authorize with nested IpProtocol with Groups
+    permissions = {
+      'IpPermissions' => [
         {
-          'SourceSecurityGroupName'     => 'fog_security_group',
-          'SourceSecurityGroupOwnerId'  => @owner_id
+          'IpProtocol' => 'tcp', 'FromPort' => '8000', 'ToPort' => '8000',
+          'Groups' => [{ 'GroupName' => 'fog_security_group_two' }]
+        }
+      ]
+    }
+    tests("#authorize_security_group_ingress('fog_security_group', #{permissions.inspect})").formats(AWS::Compute::Formats::BASIC) do
+      Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', permissions).body
+    end
+
+    to_be_revoked.push([permissions, expected_permissions.dup])
+
+    expected_permissions += [
+      {"groups"=>[{"userId"=>@owner_id, "groupName"=>"fog_security_group_two"}],
+        "ipRanges"=>[],
+        "ipProtocol"=>"tcp",
+        "fromPort"=>8000,
+        "toPort"=>8000}
+    ]
+
+    tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
+      array_differences(expected_permissions, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
+    end
+
+    # authorize with nested IpProtocol with IpRanges and Groups
+    # try integers on this one instead of strings
+    permissions = {
+      'IpPermissions' => [
+        {
+          'IpProtocol' => 'tcp', 'FromPort' => 9000, 'ToPort' => 9000,
+          'IpRanges' => [{ 'CidrIp' => '172.16.0.0/24' }],
+          'Groups' => [{ 'GroupName' => 'fog_security_group_two' }]
         }
-      ).body
+      ]
+    }
+    tests("#authorize_security_group_ingress('fog_security_group', #{permissions.inspect})").formats(AWS::Compute::Formats::BASIC) do
+      Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', permissions).body
+    end
+
+    to_be_revoked.push([permissions, expected_permissions.dup])
+
+    expected_permissions += [
+      {"groups"=>
+        [{"userId"=>@owner_id, "groupName"=>"fog_security_group_two"}],
+        "ipRanges"=>[{"cidrIp"=>"172.16.0.0/24"}],
+        "ipProtocol"=>"tcp",
+        "fromPort"=>9000,
+        "toPort"=>9000}
+    ]
+
+    tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
+      array_differences(expected_permissions, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
     end
 
     tests("#describe_security_groups").formats(@security_groups_format) do
@@ -54,36 +236,29 @@ Shindo.tests('Fog::Compute[:aws] | security group requests', ['aws']) do
       Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body
     end
 
-    tests("#revoke_security_group_ingress('fog_security_group', {'FromPort' => 80, 'IpProtocol' => 'tcp', 'toPort' => 80})").formats(AWS::Compute::Formats::BASIC) do
-      Fog::Compute[:aws].revoke_security_group_ingress(
-        'fog_security_group',
-        {
-          'FromPort' => 80,
-          'IpProtocol' => 'tcp',
-          'ToPort' => 80,
-        }
-      ).body
-    end
+    to_be_revoked.reverse.each do |permission, expected_permissions_after|
+      tests("#revoke_security_group_ingress('fog_security_group', #{permission.inspect})").formats(AWS::Compute::Formats::BASIC) do
+        Fog::Compute[:aws].revoke_security_group_ingress('fog_security_group', permission).body
+      end
 
-    tests("#revoke_security_group_ingress('fog_security_group', {'SourceSecurityGroupName' => 'fog_security_group', 'SourceSecurityGroupOwnerId' => '#{@owner_id}'})").formats(AWS::Compute::Formats::BASIC) do
-      Fog::Compute[:aws].revoke_security_group_ingress(
-      'fog_security_group',
-        {
-          'GroupName'                   => 'fog_security_group',
-          'SourceSecurityGroupName'     => 'fog_security_group',
-          'SourceSecurityGroupOwnerId'  => @owner_id
-        }
-      ).body
+      tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
+        array_differences(expected_permissions_after, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
+      end
     end
 
     tests("#delete_security_group('fog_security_group')").formats(AWS::Compute::Formats::BASIC) do
       Fog::Compute[:aws].delete_security_group('fog_security_group').body
     end
 
+    tests("#delete_security_group('fog_security_group_two')").formats(AWS::Compute::Formats::BASIC) do
+      Fog::Compute[:aws].delete_security_group('fog_security_group_two').body
+    end
+
   end
   tests('failure') do
 
     @security_group = Fog::Compute[:aws].security_groups.create(:description => 'tests group', :name => 'fog_security_group')
+    @other_security_group = Fog::Compute[:aws].security_groups.create(:description => 'tests group', :name => 'fog_other_security_group')
 
     tests("duplicate #create_security_group(#{@security_group.name}, #{@security_group.description})").raises(Fog::Compute::AWS::Error) do
       Fog::Compute[:aws].create_security_group(@security_group.name, @security_group.description)
@@ -110,6 +285,46 @@ Shindo.tests('Fog::Compute[:aws] | security group requests', ['aws']) do
       )
     end
 
+    tests("#authorize_security_group_ingress('fog_security_group', {'IpPermissions' => [{'IpProtocol' => 'tcp', 'FromPort' => 80, 'ToPort' => 80, 'IpRanges' => [{'CidrIp' => '10.0.0.0/8'}]}]})").formats(AWS::Compute::Formats::BASIC) do
+      Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', {'IpPermissions' => [{'IpProtocol' => 'tcp', 'FromPort' => 80, 'ToPort' => 80, 'IpRanges' => [{'CidrIp' => '10.0.0.0/8'}]}]}).body
+    end
+
+    tests("#authorize_security_group_ingress('fog_security_group', {'IpPermissions' => [{'IpProtocol' => 'tcp', 'FromPort' => 80, 'ToPort' => 80, 'IpRanges' => [{'CidrIp' => '10.0.0.0/8'}]}]})").raises(Fog::Compute::AWS::Error) do
+      Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', {'IpPermissions' => [{'IpProtocol' => 'tcp', 'FromPort' => 80, 'ToPort' => 80, 'IpRanges' => [{'CidrIp' => '10.0.0.0/8'}]}]})
+    end
+
+    tests("#authorize_security_group_ingress('fog_security_group', {'IpPermissions' => [{'Groups' => [{'GroupName' => '#{@other_security_group.name}'}], 'FromPort' => 80, 'ToPort' => 80, 'IpProtocol' => 'tcp'}]})").formats(AWS::Compute::Formats::BASIC) do
+      Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', {'IpPermissions' => [{'Groups' => [{'GroupName' => @other_security_group.name}], 'FromPort' => 80, 'ToPort' => 80, 'IpProtocol' => 'tcp'}]}).body
+    end
+
+    tests("#delete_security_group('#{@other_security_group.name}')").raises(Fog::Compute::AWS::Error) do
+      Fog::Compute[:aws].delete_security_group(@other_security_group.name)
+    end
+
+    broken_params = [
+      {},
+      { "IpProtocol" => "what" },
+      { "IpProtocol" => "tcp" },
+      { "IpProtocol" => "what", "FromPort" => 1, "ToPort" => 1 },
+    ]
+    broken_params += broken_params.map do |broken_params_item|
+      { "IpPermissions" => [broken_params_item] }
+    end
+    broken_params += [
+      { "IpPermissions" => [] },
+      { "IpPermissions" => nil }
+    ]
+
+    broken_params.each do |broken_params_item|
+      tests("#authorize_security_group_ingress('fog_security_group', #{broken_params_item.inspect})").raises(Fog::Compute::AWS::Error) do
+        Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', broken_params_item)
+      end
+
+      tests("#revoke_security_group_ingress('fog_security_group', #{broken_params_item.inspect})").raises(Fog::Compute::AWS::Error) do
+        Fog::Compute[:aws].revoke_security_group_ingress('fog_security_group', broken_params_item)
+      end
+    end
+
     tests("#revoke_security_group_ingress('not_a_group_name', {'FromPort' => 80, 'IpProtocol' => 'tcp', 'toPort' => 80})").raises(Fog::Compute::AWS::NotFound) do
       Fog::Compute[:aws].revoke_security_group_ingress(
         'not_a_group_name',
@@ -136,7 +351,11 @@ Shindo.tests('Fog::Compute[:aws] | security group requests', ['aws']) do
     end
 
     @security_group.destroy
+    @other_security_group.destroy
 
+    tests("#delete_security_group('default')").raises(Fog::Compute::AWS::Error) do
+      Fog::Compute[:aws].delete_security_group('default')
+    end
   end
 
 end