Improve output representation of Get-EC2SecurityGroup

[lyoungstratus]

Provide a general summary of the issue in the Title above.

When retrieving a security group with a UserID group pair in its ingress ippermissions, the UserIDGroupPairs property should be populated.

Current Behavior

I retrieved a security group that has a UserID group pair in its ingress ippermissions, and the UserIDGroupPairs property was returned as empty. Using the aws cli the property was populated as expected.

Possible Solution

Not required, but suggest a fix/reason for the bug, or ideas how to implement the addition or change.

Steps to Reproduce (for bugs) I created a security group within my VPC which had a reference to another security group. I then retrieved it with powershell:

Get-EC2SecurityGroup -GroupId 'sg-0d172482cb0508e6c' -Verbose|%{$_.ippermissions}
VERBOSE: Invoking Amazon Elastic Compute Cloud (EC2) operation 'DescribeSecurityGroups' in region 'us-east-1'

FromPort         : 5432
IpProtocol       : tcp
Ipv4Ranges       : {Amazon.EC2.Model.IpRange}
Ipv6Ranges       : {}
PrefixListIds    : {}
ToPort           : 5432
UserIdGroupPairs : {}

I retrieved the same security group with Aws cli:

 (aws ec2 describe-security-groups |convertfrom-json).SecurityGroups|?{$_.groupid -eq 'sg-0d172482cb0508e6c'}|%{$_.ippermissions}

FromPort         : 5432
IpProtocol       : tcp
IpRanges         : {@{CidrIp=10.42.0.0/16}}
Ipv6Ranges       : {}
PrefixListIds    : {}
ToPort           : 5432
UserIdGroupPairs : {@{GroupId=sg-05e26b9ccd41e8184; UserId=812539457035}}

Context

How has this issue affected you? What are you trying to accomplish? Providing context helps us come up with a solution that is most useful in the real world.

Your Environment

get-modules:
Binary     4.0.2.0    AWSPowerShell
mazon Web Services SDK for .NET
Core Runtime Version 3.3.104.4

AWS Tools for Windows Powershell Version 4.0.2.0

Name                           Value
----                           -----
PSVersion                      5.1.18362.145
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.18362.145
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

[klaytaybai]

Thanks for reporting this. I was able to reproduce the problem, but I didn't immediately see anything in the code that seemed like the root cause. I'll continue investigating.

[matteo-prosperi]

Hello, after reproducing this, it appears to be simply a visualization issue.

If I type:

PS C:\> (get-ec2securitygroup -Select SecurityGroups.IpPermissions -GroupId sg-06f33aabb63b3c0cf)

FromPort         : 0
IpProtocol       : -1
Ipv4Ranges       : {}
Ipv6Ranges       : {}
PrefixListIds    : {}
ToPort           : 0
UserIdGroupPairs : {}

But when I type:

PS C:\Users\prospm> (get-ec2securitygroup -Select SecurityGroups.IpPermissions -GroupId sg-06f33aabb63b3c0cf) | ConvertTo-Json
{
  "IpRanges": [],
  "FromPort": 0,
  "IpProtocol": "-1",
  "Ipv4Ranges": [],
  "Ipv6Ranges": [],
  "PrefixListIds": [],
  "ToPort": 0,
  "UserIdGroupPairs": [
    {
      "Description": null,
      "GroupId": "sg-06f33aabb63b3c0cf",
      "GroupName": null,
      "PeeringStatus": null,
      "UserId": "252047219677",
      "VpcId": null,
      "VpcPeeringConnectionId": null
    }
  ]
}

Unfortunately PowerShell default printout of the object collapses UserIdGroupPairs in a way that leads to confusion. And it is easy to think that the list is actually empty.

I will research if there is anything we can do to push PowerShell to do a less confusing printout of these objects.

Thanks for reporting this issue.

[github-actions[bot]]

We have noticed this issue has not received attention in 1 year. We will close this issue for now. If you think this is in error, please feel free to comment and reopen the issue.