Can use SecurityGroupId in default vpc SGs (#2691)

kddejong · web-flow · commit dd2e0c3e0c67 · 2023-04-13T14:01:52.000-07:00
diff --git a/src/cfnlint/rules/resources/ectwo/SecurityGroupIngress.py b/src/cfnlint/rules/resources/ectwo/SecurityGroupIngress.py
@@ -36,19 +36,6 @@ def check_ingress_rule(self, vpc_id, properties, path):
                     )
                 )
 
-        else:
-            if properties.get("SourceSecurityGroupId", None):
-                path_error = path[:] + ["SourceSecurityGroupId"]
-                message = (
-                    "SourceSecurityGroupId shouldn't be specified for "
-                    "Non-Vpc Security Group at {0}"
-                )
-                matches.append(
-                    RuleMatch(
-                        path_error, message.format("/".join(map(str, path_error)))
-                    )
-                )
-
         return matches
 
     def match(self, cfn):
diff --git a/test/unit/rules/resources/ec2/test_sg_ingress.py b/test/unit/rules/resources/ec2/test_sg_ingress.py
@@ -27,5 +27,5 @@ def test_file_positive(self):
     def test_file_negative(self):
         """Test failure"""
         self.helper_file_negative(
-            "test/fixtures/templates/bad/properties_sg_ingress.yaml", 2
+            "test/fixtures/templates/bad/properties_sg_ingress.yaml", 1
         )

Original file line number	Diff line number	Diff line change
`@@ -27,5 +27,5 @@ def test_file_positive(self):`
`27`	`27`	`def test_file_negative(self):`
`28`	`28`	`"""Test failure"""`
`29`	`29`	`self.helper_file_negative(`
`30`		`- "test/fixtures/templates/bad/properties_sg_ingress.yaml", 2`
	`30`	`+ "test/fixtures/templates/bad/properties_sg_ingress.yaml", 1`
`31`	`31`	`)`