diff --git a/roles/aws/aws_ami/tasks/repack.yml b/roles/aws/aws_ami/tasks/repack.yml
index 47ba4904d..9a9c899ca 100644
--- a/roles/aws/aws_ami/tasks/repack.yml
+++ b/roles/aws/aws_ami/tasks/repack.yml
@@ -9,21 +9,25 @@
register: aws_ami_running_instances
- name: Create a Security Group to access the controller.
- amazon.aws.ec2_security_group:
- profile: "{{ aws_ami.aws_profile }}"
- region: "{{ aws_ami.region }}"
- name: "{{ aws_ami.repack.cluster_name }}-repacker"
- tags: "{{ aws_ami.tags }}"
- state: present
- vpc_id: "{{ aws_ami.repack.vpc_id }}"
- description: "Allow controller to access the {{ aws_ami.ami_name }}-repacking instance"
- rules:
- - proto: tcp
- ports:
- - 22
- cidr_ip: "{{ aws_ami.repack.controller_cidr }}"
- rule_desc: "Allow controller to access the {{ aws_ami.ami_name }}-repacking instance"
- rules_egress: []
+ ansible.builtin.include_role:
+ name: aws/aws_vpc
+ tasks_from: security_group
+ vars:
+ aws_vpc:
+ profile: "{{ aws_ami.aws_profile }}"
+ region: "{{ aws_ami.region }}"
+ name: "{{ aws_ami.repack.cluster_name }}-repacker"
+ tags: "{{ aws_ami.tags }}"
+ state: present
+ id: "{{ aws_ami.repack.vpc_id }}"
+ description: "Allow controller to access the {{ aws_ami.ami_name }}-repacking instance"
+ rules:
+ - proto: tcp
+ ports:
+ - 22
+ cidr_ip: "{{ aws_ami.repack.controller_cidr }}"
+ rule_desc: "Allow controller to access the {{ aws_ami.ami_name }}-repacking instance"
+ rules_egress: []
- name: Create an AMI with an existing EC2 instance.
amazon.aws.ec2_ami:
diff --git a/roles/aws/aws_backup_validation/tasks/testing_resources.yml b/roles/aws/aws_backup_validation/tasks/testing_resources.yml
index 56fd50eda..cba6940fc 100644
--- a/roles/aws/aws_backup_validation/tasks/testing_resources.yml
+++ b/roles/aws/aws_backup_validation/tasks/testing_resources.yml
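Review bot: The `profile:` key in the new `aws_vpc` dict does not match what the included task reads — `roles/aws/aws_vpc/tasks/security_group.yml` (later in this diff) templates `profile: "{{ aws_vpc.aws_profile }}"`, and because include_role `vars:` replace the whole `aws_vpc` dict the lookup is undefined and the task fails before the group exists (unless the project runs with hash_behaviour=merge, in which case it silently falls back to the role's default profile). Rename the key: `aws_profile: "{{ aws_ami.aws_profile }}"`. The port-22 rule stays scoped to `controller_cidr` and `rules_egress: []` is carried over, which is the right posture for a throwaway repacking host; a one-line comment on `rules_egress: []` such as `# deliberately no egress: only inbound SSH from the controller is needed — confirm nothing on the repacker phones home` would stop a future refactor from dropping it the way other hunks in this diff do.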
@@ -30,26 +30,32 @@
register: _main_subnets_info
- name: Create SG for restored instances.
- amazon.aws.ec2_security_group:
- name: Restore_testing
- description: This SG is used to allow SSM and SSH access to the server
- region: "{{ _aws_region }}"
- vpc_id: "{{ _main_vpc_info.vpcs[0].vpc_id }}"
- rules:
- - proto: tcp
- from_port: 80
- to_port: 80
- cidr_ip: 0.0.0.0/0
- - proto: tcp
- from_port: 443
- to_port: 443
- cidr_ip: 0.0.0.0/0
- - proto: tcp
- from_port: 22
- to_port: 22
- cidr_ip: 0.0.0.0/0
- rules_egress: []
- register: _restore_testing_sg
+ ansible.builtin.include_role:
+ name: aws/aws_vpc
+ tasks_from: security_group
+ vars:
+ aws_vpc:
+ name: "Restore_testing"
+ region: "{{ aws_ec2_autoscale_cluster.region }}"
+ id: "{{ _main_vpc_info.vpcs[0].vpc_id }}"
+ description: "This SG is used to allow SSM and SSH access to the server"
+ rules:
+ - proto: tcp
+ from_port: 80
+ to_port: 80
+ cidr_ip: 0.0.0.0/0
+ - proto: tcp
+ from_port: 443
+ to_port: 443
+ cidr_ip: 0.0.0.0/0
+ - proto: tcp
+ from_port: 22
+ to_port: 22
+ cidr_ip: 0.0.0.0/0
+
+- name: Construct AWS instance type dict.
+ ansible.builtin.set_fact:
+ _restore_testing_sg: "{{ aws_vpc._result['Restore_testing'] }}"
- name: Remove restore testing query file.
ansible.builtin.file:
diff --git a/roles/aws/aws_ec2_autoscale_cluster/tasks/main.yml b/roles/aws/aws_ec2_autoscale_cluster/tasks/main.yml
index e8f63de73..cb5a05832 100644
--- a/roles/aws/aws_ec2_autoscale_cluster/tasks/main.yml
+++ b/roles/aws/aws_ec2_autoscale_cluster/tasks/main.yml
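Review bot: The new side drops `rules_egress: []` from the Restore_testing group, so `amazon.aws.ec2_security_group` falls back to its default allow-all outbound rule where the old task explicitly disabled egress, and nothing in the hunk says the widening is intended (it may well be, since the SSM agent needs outbound to its endpoints, but then it should be stated). Either restore `rules_egress: []` under `aws_vpc:` or add `# egress left open on purpose: the SSM agent must reach the SSM/EC2 Messages endpoints` beside `rules:`. The inbound rules still open port 22 to `0.0.0.0/0` on a group whose own description names SSM as the access path; if SSM is the real channel the SSH rule should go, or at least be narrowed to an operator CIDR like the repacker group in this same diff. Two smaller points: `region` now comes from `aws_ec2_autoscale_cluster.region` inside the aws_backup_validation role where it used to be the role-local `_aws_region`, which couples this role to another role's vars, and the new set_fact task is named `Construct AWS instance type dict.` although it sets the SG fact — `Set _restore_testing_sg from the aws_vpc result.` is accurate.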
@@ -30,23 +30,25 @@
when: aws_ec2_autoscale_cluster.vpc_name is not defined or (aws_ec2_autoscale_cluster.vpc_name | length) == 0
- name: Create matching Security Group.
- amazon.aws.ec2_security_group:
- profile: "{{ aws_ec2_autoscale_cluster.aws_profile }}"
- region: "{{ aws_ec2_autoscale_cluster.region }}"
- name: "{{ aws_ec2_autoscale_cluster.name }}"
- tags: "{{ aws_ec2_autoscale_cluster.tags | combine({'Name': aws_ec2_autoscale_cluster.name}) }}"
- state: "{{ aws_ec2_autoscale_cluster.state }}"
- vpc_id: "{{ _aws_ec2_autoscale_cluster_vpc_id }}"
- description: "Allow internal traffic for cluster {{ aws_ec2_autoscale_cluster.name }}"
- rules:
- - proto: all
- group_name: "{{ aws_ec2_autoscale_cluster.name }}"
- rule_desc: "Allow internal traffic for cluster {{ aws_ec2_autoscale_cluster.name }}"
- rules_egress:
- - proto: all
- group_name: "{{ aws_ec2_autoscale_cluster.name }}"
- rule_desc: "Allow internal traffic for cluster {{ aws_ec2_autoscale_cluster.name }}"
- register: _aws_ec2_autoscale_cluster_security_group
+ ansible.builtin.include_role:
+ name: aws/aws_vpc
+ tasks_from: security_group
+ vars:
+ aws_vpc:
+ name: "{{ aws_ec2_autoscale_cluster.name }}"
+ profile: "{{ aws_ec2_autoscale_cluster.aws_profile }}"
+ region: "{{ aws_ec2_autoscale_cluster.region }}"
+ tags: "{{ aws_ec2_autoscale_cluster.tags | combine({'Name': aws_ec2_autoscale_cluster.name}) }}"
+ state: "{{ aws_ec2_autoscale_cluster.state }}"
+ id: "{{ _aws_ec2_autoscale_cluster_vpc_id }}"
+ description: "Allow internal traffic for cluster {{ aws_ec2_autoscale_cluster.name }}"
+ rules:
+ - proto: all
+ group_name: "{{ aws_ec2_autoscale_cluster.name }}"
+
+- name: Set _aws_ec2_autoscale_cluster_security_group variable.
+ ansible.builtin.set_fact:
+ _aws_ec2_autoscale_cluster_security_group: "{{ aws_vpc._result[aws_ec2_autoscale_cluster.name] }}"
- name: Reset subnets lists.
ansible.builtin.set_fact:
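Review bot: The self-referencing `rules_egress` block is removed on the new side with no replacement, so the cluster group goes from outbound-to-its-own-group-only to the module's default allow-all egress; `subnet.yml` in this same diff keeps its `rules_egress`, which suggests the drop here is accidental rather than a policy decision. Restore it under `aws_vpc:` as `rules_egress:` / `- proto: all` / `group_name: "{{ aws_ec2_autoscale_cluster.name }}"`, or if the widening is intended say so in a comment on the task so the next reader does not "fix" it back. The `profile:` key is read as `aws_vpc.aws_profile` by the included `security_group.yml`, so it should be `aws_profile: "{{ aws_ec2_autoscale_cluster.aws_profile }}"` for the profile to take effect at all.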
diff --git a/roles/aws/aws_vpc/tasks/main.yml b/roles/aws/aws_vpc/tasks/main.yml
index 9901abd85..a39cce8db 100644
--- a/roles/aws/aws_vpc/tasks/main.yml
+++ b/roles/aws/aws_vpc/tasks/main.yml
@@ -10,18 +10,24 @@
register: _aws_vpc_vpc
- name: Ensure default Security group is tagged.
- amazon.aws.ec2_security_group:
- name: "default"
- profile: "{{ aws_vpc.aws_profile }}"
- region: "{{ aws_vpc.region }}"
- tags: "{{ aws_vpc.tags }}"
- state: "{{ aws_vpc.state }}"
- vpc_id: "{{ _aws_vpc_vpc.vpc.id }}"
- description: "default VPC security group"
- purge_rules: false
+ ansible.builtin.include_tasks: "security_group.yml"
+ vars:
+ aws_vpc:
+ name: "default"
+ id: "{{ _aws_vpc_vpc.vpc.id }}"
+ description: "default VPC security group"
+ purge_rules: false
- name: Create VPC Security groups.
ansible.builtin.include_tasks: "security_group.yml"
+ vars:
+ aws_vpc:
+ name: "{{ security_group.name }}"
+ tags: "{{ aws_vpc.tags | combine({'Name': security_group.name}) }}"
+ id: "{{ _aws_vpc_vpc.vpc.id }}"
+ description: "default VPC security group"
+ rules: "{{ security_group.rules | default(omit) }}"
+ rules_egress: "{{ security_group.rules_egress | default(omit) }}"
with_items: "{{ aws_vpc.security_groups }}"
loop_control:
loop_var: security_group
diff --git a/roles/aws/aws_vpc/tasks/security_group.yml b/roles/aws/aws_vpc/tasks/security_group.yml
index 4e737b3cd..d60c6bf34 100644
--- a/roles/aws/aws_vpc/tasks/security_group.yml
+++ b/roles/aws/aws_vpc/tasks/security_group.yml
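Review bot: Both includes shadow `aws_vpc` inside the role that owns it: the default-SG include passes a dict with only name/id/description/purge_rules, yet the included `security_group.yml` still reads `aws_vpc.aws_profile`, `aws_vpc.region`, `aws_vpc.state` and `aws_vpc.tags` unconditionally, and in the second include `tags: "{{ aws_vpc.tags | combine(...) }}"` plus the unchanged `with_items: "{{ aws_vpc.security_groups }}"` reference the very variable being overridden, which Ansible normally reports as a recursive loop or undefined attribute (it would only work under the deprecated hash_behaviour=merge — confirm with a `--check` run). Keep the role's own dict untouched and hand the per-group settings to `security_group.yml` under a separate name (for example an `_aws_vpc_sg` dict built with `set_fact` from `aws_vpc | combine({...})` before the include, with `security_group.yml` and the callers in the other roles reading that name), rather than re-binding `aws_vpc`. Separately, the second include hard-codes `description: "default VPC security group"` for every user-defined group where the old code used the group's own text; restore `description: "{{ security_group.description | default('') }}"`, since the description is fixed at creation time in EC2 and this would stamp the wrong one permanently.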
@@ -1,14 +1,14 @@
- name: Create Security Group.
amazon.aws.ec2_security_group:
- name: "{{ security_group.name }}"
+ name: "{{ aws_vpc.name }}"
profile: "{{ aws_vpc.aws_profile }}"
region: "{{ aws_vpc.region }}"
- tags: "{{ aws_vpc.tags | combine({'Name': security_group.name}) }}"
+ tags: "{{ aws_vpc.tags }}"
state: "{{ aws_vpc.state }}"
- vpc_id: "{{ _aws_vpc_vpc.vpc.id }}"
- description: "{{ security_group.description | default('') }}"
- rules: "{{ security_group.rules | default(omit) }}"
- rules_egress: "{{ security_group.rules_egress | default(omit) }}"
+ vpc_id: "{{ aws_vpc.id }}"
+ description: "{{ aws_vpc.description }}"
+ rules: "{{ aws_vpc.rules | default(omit) }}"
+ rules_egress: "{{ aws_vpc.rules_egress | default(omit) }}"
purge_rules: "{{ aws_vpc.purge_rules | default(omit) }}"
register: _aws_vpc_result
diff --git a/roles/aws/aws_vpc_subnet/tasks/subnet.yml b/roles/aws/aws_vpc_subnet/tasks/subnet.yml
index 3d89ccc5e..52ceaa6af 100644
--- a/roles/aws/aws_vpc_subnet/tasks/subnet.yml
+++ b/roles/aws/aws_vpc_subnet/tasks/subnet.yml
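Review bot: This task now keys everything off the `aws_vpc` dict but still reads `aws_vpc.aws_profile`, `aws_vpc.region`, `aws_vpc.state` and `aws_vpc.tags` with no default, while every caller in this diff either passes the profile as `profile:` (repack.yml, autoscale main.yml, subnet.yml) or omits profile/state/tags entirely (testing_resources.yml and the default-SG include in aws_vpc/main.yml); with the dict replaced wholesale by include vars those lookups are undefined and the include fails. Either fix all callers to pass `aws_profile`, `state` and `tags`, or make this file tolerant: `profile: "{{ aws_vpc.aws_profile | default(omit) }}"`, `tags: "{{ aws_vpc.tags | default(omit) }}"`, `state: "{{ aws_vpc.state | default('present') }}"`. `description` also lost its `default('')`; the module needs a description to create a group and EC2 does not allow changing it afterwards, so keep `description: "{{ aws_vpc.description | default('') }}"`. A header comment stating the contract would help the four roles that now depend on it, e.g. `# Expects aws_vpc with name, id, description; optional aws_profile, region, tags, state, rules, rules_egress, purge_rules. Omitting rules_egress yields the module's default allow-all egress.`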
@@ -23,18 +23,21 @@
when: subnet.nat_ipv4 is defined and subnet.nat_ipv4
- name: Create matching Security Group.
- amazon.aws.ec2_security_group:
- name: "{{ subnet.name }}"
- profile: "{{ aws_vpc_subnet.aws_profile }}"
- region: "{{ aws_vpc_subnet.region }}"
- tags: "{{ aws_vpc_subnet.tags | combine({'Name': subnet.name}) }}"
- state: "{{ aws_vpc_subnet.state }}"
- vpc_id: "{{ _aws_vpc_subnet_vpc_id }}"
- description: "Allow internal traffic for subnet {{ subnet.name }}"
- rules:
- - proto: all
- group_name: "{{ subnet.name }}"
- rule_desc: "Allow internal traffic for subnet {{ subnet.name }}"
+ ansible.builtin.include_role:
+ name: aws/aws_vpc
+ tasks_from: security_group
+ vars:
+ aws_vpc:
+ name: "{{ subnet.name }}"
+ profile: "{{ aws_vpc_subnet.aws_profile }}"
+ region: "{{ aws_vpc_subnet.region }}"
+ tags: "{{ aws_vpc_subnet.tags | combine({'Name': subnet.name}) }}"
+ state: "{{ aws_vpc_subnet.state }}"
+ id: "{{ _aws_vpc_subnet_vpc_id }}"
+ description: "Allow internal traffic for subnet {{ subnet.name }}"
+ rules:
+ - proto: all
+ group_name: "{{ subnet.name }}"
rules_egress:
- proto: all
group_name: "{{ subnet.name }}"
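Review bot: The trailing `rules_egress:` lines are unchanged context, so they keep the indentation of the old module arguments, whereas the new `rules:` sits two levels deeper under `vars: aws_vpc:`; unless this file uses unusual indentation, `rules_egress` is now a sibling of `aws_vpc` under `vars:` rather than a key inside it, `security_group.yml` sees `aws_vpc.rules_egress` undefined and omits it, and the subnet group silently moves from egress-to-itself-only to the module's default allow-all egress. Indent those three lines to match `rules:` and verify with `ansible-playbook --check --diff` that the group's outbound rule is still the self-reference. The `profile:` key should also be `aws_profile: "{{ aws_vpc_subnet.aws_profile }}"`, which is the name the included `security_group.yml` reads.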