if (EC2ApiMetadata.CONTEXT_TOKEN.isAssignableFrom(computeServiceContext.getBackendType())) {
// This code (or something like it) may be added to jclouds (see
// http://code.google.com/p/jclouds/issues/detail?id=336).
// Until then we need this temporary workaround.
String region = AWSUtils.parseHandle(Iterables.get(instances, 0).getId())[0];
EC2Client ec2Client = computeServiceContext.unwrap(EC2ApiMetadata.CONTEXT_TOKEN).getApi();
String groupName = "jclouds#" + clusterSpec.getClusterName();
for (String cidr : cidrs) {
for (int port : ports) {
try {
ec2Client.getSecurityGroupServices()
.authorizeSecurityGroupIngressInRegion(region, groupName,
IpProtocol.TCP, port, port, cidr);
} catch(IllegalStateException e) {
LOG.warn(e.getMessage());
/* ignore, it means that this permission was already granted */