Comment 12 for bug 527648

euca-authorize sets up a rule that is specific to a user/security group. For example, if you are using admin credentials and the group you're authorizing is 'default', then the rule will apply to all instances run by 'admin' in the group 'default'. If you acting as different user, say 'foobar', then you will need to run the command again to authorize the 'foobar/default' group. In a nutshell, the authorizations are tied to user/group pairs, and only need to be run once per user/group pair.

Regards,
-Dan