- name: set connection information for all tasks
  set_fact:
    aws_connection_info: &aws_connection_info
      aws_access_key: "{{ aws_access_key }}"
      aws_secret_key: "{{ aws_secret_key }}"
      security_token: "{{ security_token }}"
      region: "{{ aws_region }}"
  no_log: true
- name: Make termination-protected instance in the testing subnet created in the test VPC
  ec2_instance:
    name: "{{ resource_prefix }}-test-protected-instance-in-vpc"
    image_id: "{{ ec2_ami_image[aws_region] }}"
    tags:
      TestId: "{{ resource_prefix }}"
    security_groups: "{{ sg.group_id }}"
    vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}"
    termination_protection: true
    instance_type: t2.micro
    <<: *aws_connection_info
  register: in_test_vpc
- name: Try to terminate the instance
  ec2_instance:
    state: absent
    name: "{{ resource_prefix }}-test-protected-instance-in-vpc"
    image_id: "{{ ec2_ami_image[aws_region] }}"
    tags:
      TestId: "{{ resource_prefix }}"
    security_groups: "{{ sg.group_id }}"
    vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}"
    termination_protection: true
    instance_type: t2.micro
    <<: *aws_connection_info
  register: bad_terminate
  ignore_errors: yes
- name: Cannot terminate protected instance
  assert:
    that:
      - bad_terminate is failed
- name: Alter termination protection setting
  ec2_instance:
    name: "{{ resource_prefix }}-test-protected-instance-in-vpc"
    image_id: "{{ ec2_ami_image[aws_region] }}"
    vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}"
    termination_protection: false
    instance_type: t2.micro
    <<: *aws_connection_info
- name: Try to terminate the instance again (should work)
  ec2_instance:
    name: "{{ resource_prefix }}-test-protected-instance-in-vpc"
    image_id: "{{ ec2_ami_image[aws_region] }}"
    vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}"
    instance_type: t2.micro
    state: absent
    <<: *aws_connection_info
  register: terminate_results
- assert:
    that: terminate_results is not failed