Comment 1 for bug 1840676

I can't reproduce this in Juju 2.8.8

The security groups created by Juju are tagged with the controller uuid, and in the code to destroy the controller, all tagged security groups are deleted.

// Delete security groups managed by the controller.
groups, err := e.controllerSecurityGroups(ctx, controllerUUID)
if err != nil {
  return errors.Trace(err)
}
for _, g := range groups {
  if err := deleteSecurityGroupInsistently(e.ec2, ctx, g, clock.WallClock); err != nil {
    return errors.Annotatef(
      err, "cannot delete security group %q (%q)",
      g.Name, g.Id,
    )
  }
}

I deployed a controller and added a model and deployed a charm to that model and then ran destroy-controller and can see from the AWS console that all the security groups, including those for the controller, are deleted.