--- - block: - name: set up aws connection info set_fact: aws_connection_info: &aws_connection_info aws_access_key: "{{ aws_access_key }}" aws_secret_key: "{{ aws_secret_key }}" security_token: "{{ security_token }}" region: "{{ aws_region }}" no_log: yes - name: Create a group with self-referring rule ec2_group: name: '{{ec2_group_name}}-auto-create-1' vpc_id: '{{ vpc_result.vpc.id }}' description: '{{ec2_group_description}}' rules: - proto: "tcp" from_port: 8000 to_port: 8100 group_name: '{{ec2_group_name}}-auto-create-1' <<: *aws_connection_info state: present register: result - name: Create a second group rule ec2_group: name: '{{ec2_group_name}}-auto-create-2' vpc_id: '{{ vpc_result.vpc.id }}' description: '{{ec2_group_description}}' <<: *aws_connection_info state: present - name: Create a series of rules with a recently created group as target ec2_group: name: '{{ec2_group_name}}-auto-create-1' vpc_id: '{{ vpc_result.vpc.id }}' description: '{{ec2_group_description}}' purge_rules: false rules: - proto: "tcp" from_port: "{{ item }}" to_port: "{{ item }}" group_name: '{{ec2_group_name}}-auto-create-2' <<: *aws_connection_info state: present register: result with_items: - 20 - 40 - 60 - 80 - name: Create a group with only the default rule ec2_group: name: '{{ec2_group_name}}-auto-create-1' vpc_id: '{{ vpc_result.vpc.id }}' description: '{{ec2_group_description}}' rules: - proto: "tcp" from_port: 8182 to_port: 8182 group_name: '{{ec2_group_name}}-auto-create-3' <<: *aws_connection_info state: present register: result ignore_errors: true - name: assert you can't create a new group from a rule target with no description assert: that: - result is failed - name: Create a group with a target of a separate group ec2_group: name: '{{ec2_group_name}}-auto-create-1' vpc_id: '{{ vpc_result.vpc.id }}' description: '{{ec2_group_description}}' rules: - proto: tcp ports: - 22 - 80 group_name: '{{ec2_group_name}}-auto-create-3' group_desc: '{{ec2_group_description}}' <<: *aws_connection_info state: present register: result - name: Create a 4th group ec2_group: name: '{{ec2_group_name}}-auto-create-4' vpc_id: '{{ vpc_result.vpc.id }}' description: '{{ec2_group_description}}' <<: *aws_connection_info state: present rules: - proto: tcp ports: - 22 cidr_ip: 0.0.0.0/0 - name: use recently created group in a rule ec2_group: name: '{{ec2_group_name}}-auto-create-5' vpc_id: '{{ vpc_result.vpc.id }}' description: '{{ec2_group_description}}' rules: - proto: tcp ports: - 443 group_name: '{{ec2_group_name}}-auto-create-4' <<: *aws_connection_info state: present always: - name: tidy up egress rule test security group ec2_group: name: '{{ec2_group_name}}-auto-create-{{ item }}' state: absent vpc_id: '{{ vpc_result.vpc.id }}' <<: *aws_connection_info ignore_errors: yes with_items: [5, 4, 3, 2, 1] - name: tidy up egress rule test security group ec2_group: name: '{{ec2_group_name}}-auto-create-{{ item }}' state: absent vpc_id: '{{ vpc_result.vpc.id }}' <<: *aws_connection_info ignore_errors: yes with_items: [1, 2, 3, 4, 5]