mirror of https://github.com/ansible/ansible.git
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
97 lines
3.3 KiB
YAML
97 lines
3.3 KiB
YAML
---
|
|
|
|
- name: Set Connexion Information for All Tasks
|
|
set_fact:
|
|
aws_connection_info: &aws_connection_info
|
|
aws_access_key: "{{ aws_access_key }}"
|
|
aws_secret_key: "{{ aws_secret_key }}"
|
|
security_token: "{{ security_token }}"
|
|
region: "{{ aws_region }}"
|
|
no_log: yes
|
|
|
|
- block:
|
|
- name: Create AWS Inspector Target Group
|
|
aws_inspector_target:
|
|
name: "{{ aws_inspector_scan_name }}"
|
|
state: present
|
|
tags:
|
|
Name: "{{ aws_inspector_scan_name }}"
|
|
changed: "no"
|
|
<<: *aws_connection_info
|
|
register: target_group_create
|
|
|
|
- name: Create AWS Inspector Target Group (Verify)
|
|
aws_inspector_target:
|
|
name: "{{ aws_inspector_scan_name }}"
|
|
state: present
|
|
tags:
|
|
Name: "{{ aws_inspector_scan_name }}"
|
|
changed: "no"
|
|
<<: *aws_connection_info
|
|
register: target_group_create_verify
|
|
|
|
- name: Assert Successful AWS Inspector Target Group Creation
|
|
assert:
|
|
that:
|
|
- target_group_create is changed
|
|
- target_group_create.name == aws_inspector_scan_name
|
|
- target_group_create.tags.Name == aws_inspector_scan_name
|
|
- target_group_create.tags.changed == "no"
|
|
- target_group_create_verify is not changed
|
|
- target_group_create_verify.name == aws_inspector_scan_name
|
|
- target_group_create_verify.tags.Name == aws_inspector_scan_name
|
|
- target_group_create_verify.tags.changed == "no"
|
|
|
|
- name: Change AWS Inspector Target Group Tags
|
|
aws_inspector_target:
|
|
name: "{{ aws_inspector_scan_name }}"
|
|
state: present
|
|
tags:
|
|
Name: "{{ aws_inspector_scan_name }}"
|
|
changed: "yes"
|
|
<<: *aws_connection_info
|
|
register: target_group_tag_change
|
|
|
|
- name: Change AWS Inspector Target Group Tags (Verify)
|
|
aws_inspector_target:
|
|
name: "{{ aws_inspector_scan_name }}"
|
|
state: present
|
|
tags:
|
|
Name: "{{ aws_inspector_scan_name }}"
|
|
changed: "yes"
|
|
<<: *aws_connection_info
|
|
register: target_group_tag_change_verify
|
|
|
|
- name: Assert Successful AWS Inspector Target Group Tag Change
|
|
assert:
|
|
that:
|
|
- target_group_tag_change is changed
|
|
- target_group_tag_change.name == aws_inspector_scan_name
|
|
- target_group_tag_change.tags.Name == aws_inspector_scan_name
|
|
- target_group_tag_change.tags.changed == "yes"
|
|
- target_group_tag_change_verify is not changed
|
|
- target_group_tag_change_verify.name == aws_inspector_scan_name
|
|
- target_group_tag_change_verify.tags.Name == aws_inspector_scan_name
|
|
- target_group_tag_change_verify.tags.changed == "yes"
|
|
|
|
always:
|
|
- name: Delete AWS Inspector Target Group
|
|
aws_inspector_target:
|
|
name: "{{ aws_inspector_scan_name }}"
|
|
state: absent
|
|
<<: *aws_connection_info
|
|
register: target_group_delete
|
|
|
|
- name: Delete AWS Inspector Target Group (Verify)
|
|
aws_inspector_target:
|
|
name: "{{ aws_inspector_scan_name }}"
|
|
state: absent
|
|
<<: *aws_connection_info
|
|
register: target_group_delete_verify
|
|
|
|
- name: Assert Successful AWS Inspector Target Group Deletion
|
|
assert:
|
|
that:
|
|
- target_group_delete is changed
|
|
- target_group_delete_verify is not changed
|