# File lib/aws/ec2/security_group.rb, line 398
      def parse_sources sources

        ips = []
        groups = []

        sources.each do |source|
          case source

          when String
            ips << { :cidr_ip => source }

          when SecurityGroup
            groups << { :group_id => source.id, :user_id => source.owner_id }

          when ELB::LoadBalancer 
            groups << source.source_security_group

          when Hash
            
            # group name or id required
            unless source.has_key?(:group_id) or source.has_key?(:group_name)
              raise ArgumentError, 'invalid ip permission hash, ' +
                'must provide :group_id or :group_name'
            end

            # prevent typos
            unless source.keys - [:group_id, :group_name, :user_id] == []
              raise ArgumentError, 'invalid ip permission hash, ' +
                'only accepts the following keys, :group_id, :group_name, :user_id'
            end

            groups << source

          else
            raise ArgumentError, 'invalid ingress ip permission, ' +
              'expected CIDR IP address or SecurityGroup'
          end
        end

        ips << { :cidr_ip => '0.0.0.0/0' } if ips.empty? and groups.empty?

        [ips, groups]
        
      end