diff --git a/lib/ansible/modules/cloud/amazon/ec2_group.py b/lib/ansible/modules/cloud/amazon/ec2_group.py index a7656b3301c..f72af7380f8 100644 --- a/lib/ansible/modules/cloud/amazon/ec2_group.py +++ b/lib/ansible/modules/cloud/amazon/ec2_group.py @@ -682,8 +682,8 @@ def main(): if group: # existing group if group['Description'] != description: - module.fail_json( - msg="Group description does not match existing group. ec2_group does not support this case.") + module.warn("Group description does not match existing group. Descriptions cannot be changed without deleting " + "and re-creating the security group. Try using state=absent to delete, then rerunning this task.") # if the group doesn't exist, create it now else: diff --git a/test/integration/targets/ec2_group/tasks/main.yml b/test/integration/targets/ec2_group/tasks/main.yml index 4522daa788e..231c35b1d1a 100644 --- a/test/integration/targets/ec2_group/tasks/main.yml +++ b/test/integration/targets/ec2_group/tasks/main.yml @@ -192,7 +192,7 @@ - 'result.group_id.startswith("sg-")' # ============================================================ - - name: test state=present different description raises error + - name: test state=present different description (expected changed=false) ec2_group: name: '{{ec2_group_name}}' description: '{{ec2_group_description}}CHANGED' @@ -204,11 +204,11 @@ ignore_errors: true register: result - - name: assert matching group with non-matching description raises error + - name: assert state=present (expected changed=false) assert: that: - - 'result.failed' - - '"Group description does not match existing group. ec2_group does not support this case." in result.msg' + - 'not result.changed' + - 'result.group_id.startswith("sg-")' # ============================================================ - name: test state=present (expected changed=false)