[cloud] Add `force` flag to ec2_key module (#21685)

Set the `force` flag to false to:
  - protect existing Keys from being overwritten
  - check if a Key was already existing by evaluating
    the returned `changed` status
pull/21846/head
Philipp Schmiedel 8 years ago committed by Ryan Brown
parent b25c51f99a
commit 88f67747cc

@ -35,6 +35,12 @@ options:
description: description:
- Public key material. - Public key material.
required: false required: false
force:
description:
- Force overwrite of already existing key pair if key has changed.
required: false
default: true
version_added: "2.3"
state: state:
description: description:
- create or delete keypair - create or delete keypair
@ -80,6 +86,15 @@ EXAMPLES = '''
key_material: 'ssh-rsa AAAAxyz...== me@example.com' key_material: 'ssh-rsa AAAAxyz...== me@example.com'
state: present state: present
# Given example2 is already existing, the key will not be replaced because the
# force flag was set to `false`
- name: example2 ec2 key
ec2_key:
name: example2
key_material: 'ssh-rsa AAAAxyz...== me@example.com'
force: false
state: present
# Creates a new ec2 key pair named `example` if not present using provided key # Creates a new ec2 key pair named `example` if not present using provided key
# material # material
- name: example3 ec2 key - name: example3 ec2 key
@ -110,6 +125,7 @@ def main():
argument_spec.update(dict( argument_spec.update(dict(
name=dict(required=True), name=dict(required=True),
key_material=dict(required=False), key_material=dict(required=False),
force = dict(required=False, type='bool', default=True),
state = dict(default='present', choices=['present', 'absent']), state = dict(default='present', choices=['present', 'absent']),
wait = dict(type='bool', default=False), wait = dict(type='bool', default=False),
wait_timeout = dict(default=300), wait_timeout = dict(default=300),
@ -126,6 +142,7 @@ def main():
name = module.params['name'] name = module.params['name']
state = module.params.get('state') state = module.params.get('state')
key_material = module.params.get('key_material') key_material = module.params.get('key_material')
force = module.params.get('force')
wait = module.params.get('wait') wait = module.params.get('wait')
wait_timeout = int(module.params.get('wait_timeout')) wait_timeout = int(module.params.get('wait_timeout'))
@ -162,7 +179,7 @@ def main():
elif state == 'present': elif state == 'present':
if key: if key:
# existing key found # existing key found
if key_material: if key_material and force:
# EC2's fingerprints are non-trivial to generate, so push this key # EC2's fingerprints are non-trivial to generate, so push this key
# to a temporary name and make ec2 calculate the fingerprint for us. # to a temporary name and make ec2 calculate the fingerprint for us.
# #

Loading…
Cancel
Save