--- - name: set connection information for all tasks set_fact: aws_connection_info: &aws_connection_info aws_access_key: "{{ aws_access_key }}" aws_secret_key: "{{ aws_secret_key }}" region: "{{ aws_region }}" dms_sg_identifier: "{{ resource_prefix }}-dms" no_log: yes - block: - name: ensure IAM role exists iam_role: <<: *aws_connection_info name: "{{ dms_role_role_name }}" assume_role_policy_document: "{{ lookup('file','dmsAssumeRolePolicyDocument.json') }}" state: present create_instance_profile: no managed_policy: - 'arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole' register: iam_role_output ignore_errors: yes - name: Create VPC for use in testing ec2_vpc_net: name: "{{ resource_prefix }}-vpc" cidr_block: 10.22.32.0/23 tags: Name: Ansible ec2_instance Testing VPC tenancy: default <<: *aws_connection_info register: testing_vpc - name: create subnet1 ec2_vpc_subnet: state: present vpc_id: "{{ testing_vpc.vpc.id }}" cidr: 10.22.32.16/28 az: eu-west-1a <<: *aws_connection_info register: subnet1 - name: create subnet2 ec2_vpc_subnet: state: present vpc_id: "{{ testing_vpc.vpc.id }}" cidr: 10.22.32.32/28 az: eu-west-1c <<: *aws_connection_info register: subnet2 - name: create replication subnet group dms_replication_subnet_group: state: present identifier: "{{ dms_sg_identifier }}" description: "Development Subnet Group" subnet_ids: [ "{{ subnet1.subnet.id }}", "{{ subnet2.subnet.id }}"] <<: *aws_connection_info register: result - assert: that: - result is changed - result is not failed - name: create subnet group no change dms_replication_subnet_group: state: present identifier: "{{ dms_sg_identifier }}" description: "Development Subnet Group" subnet_ids: [ "{{ subnet1.subnet.id }}", "{{ subnet2.subnet.id }}"] <<: *aws_connection_info register: result - assert: that: - result is not changed - result is not failed - name: update subnet group dms_replication_subnet_group: state: present identifier: "{{ dms_sg_identifier }}" description: "Development Subnet Group updated" subnet_ids: [ "{{ subnet1.subnet.id }}", "{{ subnet2.subnet.id }}"] <<: *aws_connection_info register: result - assert: that: - result is changed - result is not failed - name: update subnet group no change dms_replication_subnet_group: state: present identifier: "{{ dms_sg_identifier }}" description: "Development Subnet Group updated" subnet_ids: [ "{{ subnet1.subnet.id }}", "{{ subnet2.subnet.id }}"] <<: *aws_connection_info register: result - assert: that: - result is not changed - result is not failed always: - name: delete subnet group no change dms_replication_subnet_group: state: absent identifier: "{{ dms_sg_identifier }}" description: "Development Subnet Group updated" subnet_ids: [ "{{ subnet1.subnet.id }}", "{{ subnet2.subnet.id }}"] <<: *aws_connection_info register: result - assert: that: - result is changed - result is not failed - name: delete subnet group no change dms_replication_subnet_group: state: absent identifier: "{{ dms_sg_identifier }}" description: "Development Subnet Group updated" subnet_ids: [ "{{ subnet1.subnet.id }}", "{{ subnet2.subnet.id }}"] <<: *aws_connection_info register: result - assert: that: - result is not changed - result is not failed - name: delete subnet1 ec2_vpc_subnet: state: absent vpc_id: "{{ testing_vpc.vpc.id }}" cidr: 10.22.32.16/28 az: eu-west-1a <<: *aws_connection_info - name: delete subnet2 ec2_vpc_subnet: state: absent vpc_id: "{{ testing_vpc.vpc.id }}" cidr: 10.22.32.32/28 az: eu-west-1c <<: *aws_connection_info - name: delete VPC for use in testing ec2_vpc_net: name: "{{ resource_prefix }}-vpc" cidr_block: 10.22.32.0/23 tags: Name: Ansible ec2_instance Testing VPC tenancy: default state: absent <<: *aws_connection_info - name: delete dms-vpc role iam_role: <<: *aws_connection_info name: "{{ dms_role_role_name }}" assume_role_policy_document: "{{ lookup('file','dmsAssumeRolePolicyDocument.json') }}" state: absent create_instance_profile: no managed_policy: - 'arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole' register: iam_role_output ignore_errors: yes