From eff918e3a2d1810f7c4f1f6f73bb763984eebd81 Mon Sep 17 00:00:00 2001 From: Alina Buzachis <49211501+alinabuzachis@users.noreply.github.com> Date: Wed, 10 Mar 2021 11:47:13 +0100 Subject: [PATCH] [ec2_vpc_nat_gateway] Fix broken check_mode (#436) * ec2_vpc_nat_gateway: fix broken check_mode * fix broken check_mode (remove hard coded values) Signed-off-by: Alina Buzachis --- plugins/modules/ec2_vpc_nat_gateway.py | 127 +-- .../ec2_vpc_nat_gateway/tasks/main.yml | 968 ++++++++---------- 2 files changed, 481 insertions(+), 614 deletions(-) diff --git a/plugins/modules/ec2_vpc_nat_gateway.py b/plugins/modules/ec2_vpc_nat_gateway.py index 428f82b392b..11c271434d9 100644 --- a/plugins/modules/ec2_vpc_nat_gateway.py +++ b/plugins/modules/ec2_vpc_nat_gateway.py @@ -247,36 +247,6 @@ from ansible.module_utils.six import string_types from ansible.module_utils._text import to_native -DRY_RUN_GATEWAYS = [ - { - "nat_gateway_id": "nat-123456789", - "subnet_id": "subnet-123456789", - "nat_gateway_addresses": [ - { - "public_ip": "55.55.55.55", - "network_interface_id": "eni-1234567", - "private_ip": "10.0.0.102", - "allocation_id": "eipalloc-1234567" - } - ], - "state": "available", - "create_time": "2016-03-05T05:19:20.282000+00:00", - "vpc_id": "vpc-12345678" - } -] - -DRY_RUN_ALLOCATION_UNCONVERTED = { - 'Addresses': [ - { - 'PublicIp': '55.55.55.55', - 'Domain': 'vpc', - 'AllocationId': 'eipalloc-1234567' - } - ] -} - -DRY_RUN_MSGS = 'DryRun Mode:' - @AWSRetry.jittered_backoff(retries=10) def _describe_nat_gateways(client, **params): 
@@ -344,22 +314,11 @@ def get_nat_gateways(client, subnet_id=None, nat_gateway_id=None, ] try: - if not check_mode: - gateways = _describe_nat_gateways(client, **params) - if gateways: - for gw in gateways: - existing_gateways.append(camel_dict_to_snake_dict(gw)) - gateways_retrieved = True - else: - gateways_retrieved = True - if nat_gateway_id: - if DRY_RUN_GATEWAYS[0]['nat_gateway_id'] == nat_gateway_id: - existing_gateways = DRY_RUN_GATEWAYS - elif subnet_id: - if DRY_RUN_GATEWAYS[0]['subnet_id'] == subnet_id: - existing_gateways = DRY_RUN_GATEWAYS - err_msg = '{0} Retrieving gateways'.format(DRY_RUN_MSGS) - + gateways = _describe_nat_gateways(client, **params) + if gateways: + for gw in gateways: + existing_gateways.append(camel_dict_to_snake_dict(gw)) + gateways_retrieved = True except botocore.exceptions.ClientError as e: err_msg = str(e) @@ -422,8 +381,6 @@ def wait_for_status(client, wait_timeout, nat_gateway_id, status, ) if gws_retrieved and nat_gateways: nat_gateway = nat_gateways[0] - if check_mode: - nat_gateway['state'] = status if nat_gateway.get('state') == status: status_achieved = True @@ -500,6 +457,7 @@ def gateway_in_subnet_exists(client, subnet_id, allocation_id=None, client, subnet_id, states=states, check_mode=check_mode ) ) + if not gws_retrieved: return gateways, allocation_id_exists for gw in gws: 
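Review bot: The `try` in get_nat_gateways now always reaches `_describe_nat_gateways`, but the handler that follows still catches only `botocore.exceptions.ClientError`, so a `BotoCoreError` (for example a connection or credentials failure) would escape as a traceback instead of populating `err_msg`. Check mode made no API call on this path before, so dry runs are newly exposed to it. Suggest `except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:`, the same pair ensure_tags already catches in this file. The `describe_addresses` call that a later hunk makes unconditional in get_eip_allocation_id_by_address deserves the same check; its handler lies outside that hunk. The body of get_nat_gateways begins above this hunk.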
@@ -538,21 +496,14 @@ def get_eip_allocation_id_by_address(client, eip_address, check_mode=False): } allocation_id = None err_msg = "" + try: - if not check_mode: - allocations = client.describe_addresses(aws_retry=True, **params) - if len(allocations) == 1: - allocation = allocations[0] - else: - allocation = None + allocations = client.describe_addresses(aws_retry=True, **params)['Addresses'] + if len(allocations) == 1: + allocation = allocations[0] else: - dry_run_eip = ( - DRY_RUN_ALLOCATION_UNCONVERTED['Addresses'][0]['PublicIp'] - ) - if dry_run_eip == eip_address: - allocation = DRY_RUN_ALLOCATION_UNCONVERTED['Addresses'][0] - else: - allocation = None + allocation = None + if allocation: if allocation.get('Domain') != 'vpc': err_msg = ( @@ -595,16 +546,15 @@ def allocate_eip_address(client, check_mode=False): params = { 'Domain': 'vpc', } + + if check_mode: + ip_allocated = True + new_eip = None + return ip_allocated, err_msg, new_eip + try: - if check_mode: - ip_allocated = True - random_numbers = ( - ''.join(str(x) for x in random.sample(range(0, 9), 7)) - ) - new_eip = 'eipalloc-{0}'.format(random_numbers) - else: - new_eip = client.allocate_address(aws_retry=True, **params)['AllocationId'] - ip_allocated = True + new_eip = client.allocate_address(aws_retry=True, **params)['AllocationId'] + ip_allocated = True err_msg = 'eipalloc id {0} created'.format(new_eip) except botocore.exceptions.ClientError as e: @@ -633,6 +583,7 @@ def release_address(client, allocation_id, check_mode=False): Boolean, string """ err_msg = '' + if check_mode: return True, '' 
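Review bot: The check-mode early return in allocate_eip_address hands back `ip_allocated = True` together with `new_eip = None`, and nothing tells a caller that a successful result can carry no allocation id. A comment on the branch such as `# check mode: nothing is allocated, so no allocation id exists to return`, plus a line in the docstring's return description, would make that contract explicit. `err_msg` is returned here before the hunk assigns it, so the branch relies on an initial value set above the hunk. The removed branch held the only `random.sample` call visible in this diff; if nothing else in the file uses it, `import random` can be dropped.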
@@ -711,22 +662,24 @@ def create(client, module, subnet_id, allocation_id, tags, purge_tags, client_to success = False token_provided = False err_msg = "" + result = {} if client_token: token_provided = True params['ClientToken'] = client_token + if check_mode: + success = True + changed = True + return success, changed, err_msg, result + try: - if not check_mode: - result = camel_dict_to_snake_dict(client.create_nat_gateway(aws_retry=True, **params)["NatGateway"]) - else: - result = DRY_RUN_GATEWAYS[0] - result['create_time'] = datetime.datetime.utcnow() - result['nat_gateway_addresses'][0]['allocation_id'] = allocation_id - result['subnet_id'] = subnet_id + result = camel_dict_to_snake_dict(client.create_nat_gateway(aws_retry=True, **params)["NatGateway"]) success = True changed = True + create_time = result['create_time'].replace(tzinfo=None) + if token_provided and (request_time > create_time): changed = False elif wait: @@ -815,10 +768,11 @@ def pre_create(client, module, subnet_id, tags, purge_tags, allocation_id=None, success = False changed = False err_msg = "" - results = list() + results = {} if not allocation_id and not eip_address: existing_gateways, allocation_id_exists = (gateway_in_subnet_exists(client, subnet_id, check_mode=check_mode)) + if len(existing_gateways) > 0 and if_exist_do_not_create: results = existing_gateways[0] results['tags'], tags_update_exists = ensure_tags(client, module, results['nat_gateway_id'], tags, purge_tags, check_mode) @@ -855,6 +809,7 @@ def pre_create(client, module, subnet_id, tags, purge_tags, allocation_id=None, success = False changed = False return success, changed, err_msg, dict() + existing_gateways, allocation_id_exists = ( gateway_in_subnet_exists( client, subnet_id, allocation_id, check_mode=check_mode 
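Review bot: The new check-mode branch in create returns `changed = True` unconditionally, whereas the real path below it can settle on `changed = False` when a `client_token` is supplied and `request_time > create_time`. A dry run therefore predicts a change that an idempotent replay would not make, and it returns an empty `result` with none of the gateway keys. Since a replay cannot be detected without the API call, I would document it at the branch: `# check mode cannot detect a client_token replay, so it always reports changed=True with an empty result`. The function starts above this hunk and continues past it.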
@@ -933,8 +888,14 @@ def remove(client, nat_gateway_id, wait=False, wait_timeout=0, success = False changed = False err_msg = "" - results = list() + results = {} states = ['pending', 'available'] + + if check_mode: + changed = True + success = True + return success, changed, err_msg, results + try: exist, err_msg, gw = ( get_nat_gateways( @@ -944,8 +905,7 @@ def remove(client, nat_gateway_id, wait=False, wait_timeout=0, ) if exist and len(gw) == 1: results = gw[0] - if not check_mode: - client.delete_nat_gateway(aws_retry=True, **params) + client.delete_nat_gateway(aws_retry=True, **params) allocation_id = ( results['nat_gateway_addresses'][0]['allocation_id'] @@ -990,6 +950,10 @@ def ensure_tags(client, module, nat_gw_id, tags, purge_tags, check_mode): final_tags = [] changed = False + if check_mode and nat_gw_id is None: + # We can't describe tags without an EIP id, we might get here when creating a new EIP in check_mode + return final_tags, changed + filters = ansible_dict_to_boto3_filter_list({'resource-id': nat_gw_id, 'resource-type': 'natgateway'}) cur_tags = None try: @@ -1041,6 +1005,7 @@ def ensure_tags(client, module, nat_gw_id, tags, purge_tags, check_mode): final_tags = boto3_tag_list_to_ansible_dict(response.get('Tags')) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, "Couldn't describe tags") + return final_tags, changed diff --git a/tests/integration/targets/ec2_vpc_nat_gateway/tasks/main.yml b/tests/integration/targets/ec2_vpc_nat_gateway/tasks/main.yml index f43a3ece55c..3dcb70a153e 100644 --- a/tests/integration/targets/ec2_vpc_nat_gateway/tasks/main.yml +++ b/tests/integration/targets/ec2_vpc_nat_gateway/tasks/main.yml 
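Review bot: The check-mode return added at the top of remove reports `changed = True` before `get_nat_gateways` is consulted, so a dry run claims a deletion even for a gateway id that does not exist or is not in `pending`/`available`. The lookup is read-only and can run in check mode; move the branch to just after `results = gw[0]` in the following hunk, e.g. `if check_mode:` / `return True, True, err_msg, results`, and let `changed` keep its initial `False` when nothing matches. That also lets the dry run return the gateway details instead of `{}`. The rest of remove lies outside these two hunks.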
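Review bot: The guard added to ensure_tags returns `final_tags` as the empty list it was initialised with, while the normal path ends with `boto3_tag_list_to_ansible_dict(...)`, so callers receive a list in one case and a dict in the other. Returning `{}` from the guard (`return {}, changed`) keeps the `tags` value one type. The comment also speaks of an "EIP id" and "creating a new EIP", but the value tested is `nat_gw_id`; `# No NAT gateway id exists yet (gateway creation in check_mode), so there are no tags to describe` would match the code. Outside check mode a `None` id still flows into the `resource-id` filter.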
@@ -1,16 +1,4 @@ --- -# ============================================================ -# Known issues: -# -# `check_mode` is not working correctly due to the hard-coded DRY_RUN_GATEWAY (module code). The values passed here, -# when CHECK_MODE is used, don't correspond to those used for the DRY_RUN_GATEWAY and all test -# (except when the NAT gateway is created for the first time) fail. -# -# `Create new NAT gateway with eip address` - when the task is run for the first time, do we expect changed=true? -# As we use the same EIP, I think changed should be false (if this is correct, lines 194-218 are redundant and -# lines 177 and 190 should report `not create_ngw.changed`). -# ============================================================ - - name: ec2_vpc_nat_gateway tests module_defaults: group/aws: @@ -22,7 +10,7 @@ - amazon.aws block: - + # ============================================================ - name: Create a VPC ec2_vpc_net: @@ -35,11 +23,20 @@ assert: that: - vpc_result is successful + - '"vpc" in vpc_result' + - '"cidr_block" in vpc_result.vpc' + - vpc_result.vpc.cidr_block == vpc_cidr + - '"id" in vpc_result.vpc' + - vpc_result.vpc.id.startswith("vpc-") + - '"state" in vpc_result.vpc' + - vpc_result.vpc.state == 'available' + - '"tags" in vpc_result.vpc' - name: "set fact: VPC ID" set_fact: vpc_id: "{{ vpc_result.vpc.id }}" + # ============================================================ - name: Allocate a new EIP ec2_eip: @@ -52,7 +49,9 @@ assert: that: - eip_result is successful + - '"allocation_id" in eip_result' - 'eip_result.allocation_id.startswith("eipalloc-")' + - '"public_ip" in eip_result' - name: "set fact: EIP allocation ID and EIP public IP" set_fact: 
@@ -72,9 +71,14 @@ assert: that: - subnet_result is successful - - subnet_result.subnet.id.startswith("subnet-") + - '"subnet" in subnet_result' + - '"cidr_block" in subnet_result.subnet' - subnet_result.subnet.cidr_block == subnet_cidr + - '"id" in subnet_result.subnet' + - subnet_result.subnet.id.startswith("subnet-") + - '"state" in subnet_result.subnet' - subnet_result.subnet.state == 'available' + - '"tags" in subnet_result.subnet' - subnet_result.subnet.vpc_id == vpc_id - name: "set fact: VPC subnet ID" @@ -83,34 +87,32 @@ # ============================================================ - - name: Search for NAT gateways by subnet - no matches + - name: Search for NAT gateways by subnet (no matches) - CHECK_MODE ec2_vpc_nat_gateway_info: filters: subnet-id: "{{ subnet_id }}" state: ['available'] register: existing_ngws - retries: 10 - until: existing_ngws is not failed + check_mode: yes - - name: Assert no NAT gateway found + - name: Assert no NAT gateway found - CHECK_MODE assert: that: - existing_ngws is successful - (existing_ngws.result|length) == 0 - # - name: Search for NAT gateways by subnet (no matches) - CHECK_MODE - # ec2_vpc_nat_gateway_info: - # filters: - # subnet-id: "{{ subnet_id }}" - # state: ['available'] - # register: existing_ngws - # check_mode: yes + - name: Search for NAT gateways by subnet - no matches + ec2_vpc_nat_gateway_info: + filters: + subnet-id: "{{ subnet_id }}" + state: ['available'] + register: existing_ngws - # - name: Assert no NAT gateway found - CHECK_MODE - # assert: - # that: - # - existing_ngws is successful - # - (existing_ngws.result|length) == 0 + - name: Assert no NAT gateway found + assert: + that: + - existing_ngws is successful + - (existing_ngws.result|length) == 0 # ============================================================ 
@@ -129,14 +131,25 @@ # ============================================================ + - name: Create new NAT gateway with eip allocation-id - CHECK_MODE + ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + allocation_id: "{{ allocation_id }}" + wait: yes + register: create_ngw + check_mode: yes + + - name: Assert creation happened (expected changed=true) - CHECK_MODE + assert: + that: + - create_ngw.changed + - name: Create new NAT gateway with eip allocation-id ec2_vpc_nat_gateway: subnet_id: "{{ subnet_id }}" allocation_id: "{{ allocation_id }}" wait: yes register: create_ngw - retries: 10 - until: create_ngw is not failed - name: Assert creation happened (expected changed=true) assert: 
@@ -160,99 +173,44 @@ nat_gateway_id: "{{ create_ngw.nat_gateway_id }}" network_interface_id: "{{ create_ngw.nat_gateway_addresses[0].network_interface_id }}" - # - name: Create new NAT gateway with eip allocation-id - CHECK_MODE - # ec2_vpc_nat_gateway: - # subnet_id: "{{ subnet_id }}" - # allocation_id: "{{ allocation_id }}" - # wait: yes - # register: create_ngw - # check_mode: yes - # - # - name: Assert creation happened (expected changed=true) - CHECK_MODE - # assert: - # that: - # - create_ngw.changed - # - '"create_time" in create_ngw' - # - '"nat_gateway_addresses" in create_ngw' - # - '"nat_gateway_id" in create_ngw' - # - create_ngw.nat_gateway_addresses[0].allocation_id == allocation_id - # - create_ngw.nat_gateway_id.startswith("nat-") - # - '"state" in create_ngw' - # - create_ngw.state == 'available' - # - '"subnet_id" in create_ngw' - # - create_ngw.subnet_id == subnet_id - # - '"tags" in create_ngw' - # - '"vpc_id" in create_ngw' - # - create_ngw.vpc_id == vpc_id - - - # ============================================================ + + # ============================================================ - name: Get NAT gateway with specific filters (state and subnet) ec2_vpc_nat_gateway_info: - filters: - subnet-id: "{{ subnet_id }}" - state: ['available'] + filters: + subnet-id: "{{ subnet_id }}" + state: ['available'] register: avalaible_ngws - retries: 10 - until: avalaible_ngws is not failed - name: Assert success assert: that: - - avalaible_ngws is successful - - avalaible_ngws.result | length == 1 - - '"create_time" in first_ngw' - - '"nat_gateway_addresses" in first_ngw' - - '"nat_gateway_id" in first_ngw' - - first_ngw.nat_gateway_id == nat_gateway_id - - '"state" in first_ngw' - - first_ngw.state == 'available' - - '"subnet_id" in first_ngw' - - first_ngw.subnet_id == subnet_id - - '"tags" in first_ngw' - - '"vpc_id" in first_ngw' - - first_ngw.vpc_id == vpc_id + - avalaible_ngws is successful + - avalaible_ngws.result | length == 1 + - 
'"create_time" in first_ngw' + - '"nat_gateway_addresses" in first_ngw' + - '"nat_gateway_id" in first_ngw' + - first_ngw.nat_gateway_id == nat_gateway_id + - '"state" in first_ngw' + - first_ngw.state == 'available' + - '"subnet_id" in first_ngw' + - first_ngw.subnet_id == subnet_id + - '"tags" in first_ngw' + - '"vpc_id" in first_ngw' + - first_ngw.vpc_id == vpc_id vars: first_ngw: '{{ avalaible_ngws.result[0] }}' - - #- name: Get all NAT gateways with specific filters (state and subnet) - CHECK_MODE - # ec2_vpc_nat_gateway_info: - # filters: - # state: ['available'] - # subnet-id: "{{ subnet_id }}" - # register: avalaible_ngws - - #- name: Assert success - CHECK_MODE - # assert: - # that: - # - avalaible_ngws is successful - # - avalaible_ngws.result | length == 1 - # - '"create_time" in first_ngw' - # - '"nat_gateway_addresses" in first_ngw' - # - '"nat_gateway_id" in first_ngw' - # - first_ngw.nat_gateway_id == nat_gateway_id - # - '"state" in first_ngw' - # - first_ngw.state == 'available' - # - '"subnet_id" in first_ngw' - # - first_ngw.subnet_id == subnet_id - # - '"tags" in first_ngw' - # - '"vpc_id" in first_ngw' - # - first_ngw.vpc_id == vpc_id - # vars: - # first_ngw: '{{ avalaible_ngws.result[0] }}' - # ============================================================ - - name: Trying this again for idempotency - create new NAT gateway with eip allocation-id + - name: Trying this again for idempotency - create new NAT gateway with eip allocation-id - CHECK_MODE ec2_vpc_nat_gateway: subnet_id: "{{ subnet_id }}" allocation_id: "{{ allocation_id }}" wait: yes register: create_ngw - retries: 10 - until: create_ngw is not failed + check_mode: yes - - name: Assert recreation would do nothing (expected changed=false) + - name: Assert recreation would do nothing (expected changed=false) - CHECK_MODE assert: that: - not create_ngw.changed 
@@ -269,143 +227,64 @@ - '"vpc_id" in create_ngw' - create_ngw.vpc_id == vpc_id - # - name: Trying this again for idempotency - create new NAT gateway with eip allocation-id - CHECK_MODE - # ec2_vpc_nat_gateway: - # subnet_id: "{{ subnet_id }}" - # allocation_id: "{{ allocation_id }}" - # wait: yes - # register: create_ngw - # check_mode: yes - - # - name: Assert recreation would do nothing (expected changed=false) - CHECK_MODE - # assert: - # that: - # - not create_ngw.changed - # - '"create_time" in create_ngw' - # - '"nat_gateway_addresses" in create_ngw' - # - '"nat_gateway_id" in create_ngw' - # - create_ngw.nat_gateway_addresses[0].allocation_id == allocation_id - # - create_ngw.nat_gateway_id.startswith("nat-") - # - '"state" in create_ngw' - # - create_ngw.state == 'available' - # - '"subnet_id" in create_ngw' - # - create_ngw.subnet_id == subnet_id - # - '"tags" in create_ngw' - # - '"vpc_id" in create_ngw' - # - create_ngw.vpc_id == vpc_id - - - # ============================================================ - #- name: Create new NAT gateway with eip address - # ec2_vpc_nat_gateway: - # subnet_id: "{{ subnet_id }}" - # eip_address: "{{ eip_address }}" - # wait: yes - # register: create_ngw - # - #- name: Assert creation happened (expected changed=true) - # assert: - # that: - # - create_ngw.changed - # - '"create_time" in create_ngw' - # - '"nat_gateway_addresses" in create_ngw' - # - '"nat_gateway_id" in create_ngw' - # - create_ngw.nat_gateway_addresses[0].allocation_id == allocation_id - # - create_ngw.nat_gateway_id.startswith("nat-") - # - '"state" in create_ngw' - # - create_ngw.state == 'available' - # - '"subnet_id" in create_ngw' - # - create_ngw.subnet_id == subnet_id - # - '"tags" in create_ngw' - # - '"vpc_id" in create_ngw' - # - create_ngw.vpc_id == vpc_id - - # - name: Create new nat gateway with eip address - CHECK_MODE - # ec2_vpc_nat_gateway: - # subnet_id: "{{ subnet_id }}" - # eip_address: "{{ eip_address }}" - # wait: yes - # register: 
create_ngw - # check_mode: yes - - # - name: Assert creation happened (expected changed=true) - CHECK_MODE - # assert: - # that: - # - create_ngw.changed - # - '"create_time" in create_ngw' - # - '"nat_gateway_addresses" in create_ngw' - # - '"nat_gateway_id" in create_ngw' - # - create_ngw.nat_gateway_addresses[0].allocation_id == allocation_id - # - create_ngw.nat_gateway_id.startswith("nat-") - # - '"state" in create_ngw' - # - create_ngw.state == 'available' - # - '"subnet_id" in create_ngw' - # - create_ngw.subnet_id == subnet_id - # - '"tags" in create_ngw' - # - '"vpc_id" in create_ngw' - # - create_ngw.vpc_id == vpc_id - - - # ============================================================ - # - name: Trying this again for idempotency - create new nat gateway with eip address - # ec2_vpc_nat_gateway: - # subnet_id: "{{ subnet_id }}" - # eip_address: "{{ eip_address }}" - # wait: yes - # register: create_ngw - - # - name: Assert recreation would do nothing (expected changed=false) - # assert: - # that: - # - not create_ngw.changed - # - '"create_time" in create_ngw' - # - '"nat_gateway_addresses" in create_ngw' - # - '"nat_gateway_id" in create_ngw' - # - create_ngw.nat_gateway_addresses[0].allocation_id == allocation_id - # - create_ngw.nat_gateway_id.startswith("nat-") - # - '"state" in create_ngw' - # - create_ngw.state == 'available' - # - '"subnet_id" in create_ngw' - # - create_ngw.subnet_id == subnet_id - # - '"tags" in create_ngw' - # - '"vpc_id" in create_ngw' - # - create_ngw.vpc_id == vpc_id - - # - name: Trying this again for idempotency - create new nat gateway with eip address - CHECK_MODE - # ec2_vpc_nat_gateway: - # subnet_id: "{{ subnet_id }}" - # eip_address: "{{ eip_address }}" - # wait: yes - # register: create_ngw - # check_mode: yes - - # - name: Assert recreation would do nothing (expected changed=false) - CHECK_MODE - # assert: - # that: - # - not create_ngw.changed - # - '"create_time" in create_ngw' - # - '"nat_gateway_addresses" in 
create_ngw' - # - '"nat_gateway_id" in create_ngw' - # - create_ngw.nat_gateway_addresses[0].allocation_id == allocation_id - # - create_ngw.nat_gateway_id.startswith("nat-") - # - '"state" in create_ngw' - # - create_ngw.state == 'available' - # - '"subnet_id" in create_ngw' - # - create_ngw.subnet_id == subnet_id - # - '"tags" in create_ngw' - # - '"vpc_id" in create_ngw' - # - create_ngw.vpc_id == vpc_id + - name: Trying this again for idempotency - create new NAT gateway with eip allocation-id + ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + allocation_id: "{{ allocation_id }}" + wait: yes + register: create_ngw + - name: Assert recreation would do nothing (expected changed=false) + assert: + that: + - not create_ngw.changed + - '"create_time" in create_ngw' + - '"nat_gateway_addresses" in create_ngw' + - '"nat_gateway_id" in create_ngw' + - create_ngw.nat_gateway_addresses[0].allocation_id == allocation_id + - create_ngw.nat_gateway_id.startswith("nat-") + - '"state" in create_ngw' + - create_ngw.state == 'available' + - '"subnet_id" in create_ngw' + - create_ngw.subnet_id == subnet_id + - '"tags" in create_ngw' + - '"vpc_id" in create_ngw' + - create_ngw.vpc_id == vpc_id + + # ============================================================ + - name: Create new NAT gateway only if one does not exist already - CHECK_MODE + ec2_vpc_nat_gateway: + if_exist_do_not_create: yes + subnet_id: "{{ subnet_id }}" + wait: yes + register: create_ngw + check_mode: yes + + - name: Assert recreation would do nothing (expected changed=false) - CHECK_MODE + assert: + that: + - not create_ngw.changed + - '"create_time" in create_ngw' + - '"nat_gateway_addresses" in create_ngw' + - '"nat_gateway_id" in create_ngw' + - create_ngw.nat_gateway_addresses[0].allocation_id == allocation_id + - create_ngw.nat_gateway_id.startswith("nat-") + - '"state" in create_ngw' + - create_ngw.state == 'available' + - '"subnet_id" in create_ngw' + - create_ngw.subnet_id == subnet_id + - '"tags" 
in create_ngw' + - '"vpc_id" in create_ngw' + - create_ngw.vpc_id == vpc_id + - name: Create new NAT gateway only if one does not exist already ec2_vpc_nat_gateway: if_exist_do_not_create: yes subnet_id: "{{ subnet_id }}" wait: yes register: create_ngw - retries: 10 - until: create_ngw is not failed - name: Assert recreation would do nothing (expected changed=false) assert: 
@@ -423,39 +302,124 @@ - '"tags" in create_ngw' - '"vpc_id" in create_ngw' - create_ngw.vpc_id == vpc_id + + + # ============================================================ + - name: Allocate a new EIP + ec2_eip: + in_vpc: true + reuse_existing_ip_allowed: true + tag_name: FREE + register: eip_result + + - name: Assert success + assert: + that: + - eip_result is successful + - '"allocation_id" in eip_result' + - 'eip_result.allocation_id.startswith("eipalloc-")' + - '"public_ip" in eip_result' + + - name: "set fact: EIP allocation ID and EIP public IP" + set_fact: + second_eip_address: "{{ eip_result.public_ip }}" + second_allocation_id: "{{ eip_result.allocation_id }}" - # - name: Create new nat gateway only if one does not exist already - CHECK_MODE - # ec2_vpc_nat_gateway: - # if_exist_do_not_create: yes - # subnet_id: "{{ subnet_id }}" - # wait: yes - # register: create_ngw - # check_mode: yes - - # - name: Assert recreation would do nothing (expected changed=false) - CHECK_MODE - # assert: - # that: - # - not create_ngw.changed - # - '"create_time" in create_ngw' - # - '"nat_gateway_addresses" in create_ngw' - # - '"nat_gateway_id" in create_ngw' - # - create_ngw.nat_gateway_addresses[0].allocation_id == allocation_id - # - create_ngw.nat_gateway_id.startswith("nat-") - # - '"state" in create_ngw' - # - create_ngw.state == 'available' - # - '"subnet_id" in create_ngw' - # - create_ngw.subnet_id == subnet_id - # - '"tags" in create_ngw' - # - '"vpc_id" in create_ngw' - # - create_ngw.vpc_id == vpc_id + - name: Create new nat gateway with eip address - CHECK_MODE + ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + eip_address: "{{ second_eip_address }}" + wait: yes + register: create_ngw + check_mode: yes + + - name: Assert creation happened (expected changed=true) - CHECK_MODE + assert: + that: + - create_ngw.changed + + - name: Create new NAT gateway with eip address + ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + eip_address: "{{ 
second_eip_address }}" + wait: yes + register: create_ngw + - name: Assert creation happened (expected changed=true) + assert: + that: + - create_ngw.changed + - '"create_time" in create_ngw' + - '"nat_gateway_addresses" in create_ngw' + - '"nat_gateway_id" in create_ngw' + - create_ngw.nat_gateway_addresses[0].allocation_id == second_allocation_id + - create_ngw.nat_gateway_id.startswith("nat-") + - '"state" in create_ngw' + - create_ngw.state == 'available' + - '"subnet_id" in create_ngw' + - create_ngw.subnet_id == subnet_id + - '"tags" in create_ngw' + - '"vpc_id" in create_ngw' + - create_ngw.vpc_id == vpc_id + + + # ============================================================ + - name: Trying this again for idempotency - create new NAT gateway with eip address - CHECK_MODE + ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + eip_address: "{{ second_eip_address }}" + wait: yes + register: create_ngw + check_mode: yes + + - name: Assert recreation would do nothing (expected changed=false) - CHECK_MODE + assert: + that: + - not create_ngw.changed + - '"create_time" in create_ngw' + - '"nat_gateway_addresses" in create_ngw' + - '"nat_gateway_id" in create_ngw' + - create_ngw.nat_gateway_addresses[0].allocation_id == second_allocation_id + - create_ngw.nat_gateway_id.startswith("nat-") + - '"state" in create_ngw' + - create_ngw.state == 'available' + - '"subnet_id" in create_ngw' + - create_ngw.subnet_id == subnet_id + - '"tags" in create_ngw' + - '"vpc_id" in create_ngw' + - create_ngw.vpc_id == vpc_id + + - name: Trying this again for idempotency - create new NAT gateway with eip address + ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + eip_address: "{{ second_eip_address }}" + wait: yes + register: create_ngw + + - name: Assert recreation would do nothing (expected changed=false) + assert: + that: + - not create_ngw.changed + - '"create_time" in create_ngw' + - '"nat_gateway_addresses" in create_ngw' + - '"nat_gateway_id" in create_ngw' + - 
create_ngw.nat_gateway_addresses[0].allocation_id == second_allocation_id + - create_ngw.nat_gateway_id.startswith("nat-") + - '"state" in create_ngw' + - create_ngw.state == 'available' + - '"subnet_id" in create_ngw' + - create_ngw.subnet_id == subnet_id + - '"tags" in create_ngw' + - '"vpc_id" in create_ngw' + - create_ngw.vpc_id == vpc_id + + + # ============================================================ - name: Fetch NAT gateway by ID (list) ec2_vpc_nat_gateway_info: nat_gateway_ids: - "{{ nat_gateway_id }}" register: ngw_info - retries: 10 - until: ngw_info is not failed - name: Check NAT gateway exists assert: 
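Review bot: This hunk allocates a second EIP and creates a second NAT gateway from it, but only `second_eip_address` and `second_allocation_id` are saved as facts; the new gateway's id is never recorded, and `nat_gateway_id` still refers to the first gateway. The cleanup section is not visible in this part of the diff, so please confirm it deletes both gateways in the subnet and releases `second_allocation_id`; otherwise a failed run leaves a billable gateway and address behind. A `set_fact` after the real create, e.g. `second_nat_gateway_id: "{{ create_ngw.nat_gateway_id }}"`, would give cleanup something to target.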
@@ -476,41 +440,27 @@ vars: first_ngw: '{{ ngw_info.result[0] }}' - # - name: Fetch NAT gateway by ID (list) - CHECK_MODE - # ec2_vpc_nat_gateway_info: - # nat_gateway_ids: - # - "{{ nat_gateway_id }}" - # register: ngw_info - # check_mode: yes - - # - name: Check NAT gateway exists - CHECK_MODE - # assert: - # that: - # - '"internet_gateways" in igw_info' - # - avalaible_ngws.result | length == 1 - # - '"create_time" in first_ngw' - # - '"nat_gateway_addresses" in first_ngw' - # - '"nat_gateway_id" in first_ngw' - # - first_ngw.nat_gateway_id == nat_gateway_id - # - '"state" in first_ngw' - # - first_ngw.state == 'available' - # - '"subnet_id" in first_ngw' - # - first_ngw.subnet_id == subnet_id - # - '"tags" in first_ngw' - # - '"vpc_id" in first_ngw' - # - first_ngw.vpc_id == vpc_id - # vars: - # first_ngw: '{{ ngw_info.result[0] }}' # ============================================================ + - name: Delete NAT gateway - CHECK_MODE + ec2_vpc_nat_gateway: + nat_gateway_id: "{{ nat_gateway_id }}" + state: absent + wait: yes + register: delete_nat_gateway + check_mode: yes + + - name: Assert state=absent (expected changed=true) - CHECK_MODE + assert: + that: + - delete_nat_gateway.changed + - name: Delete NAT gateway ec2_vpc_nat_gateway: nat_gateway_id: "{{ nat_gateway_id }}" state: absent wait: yes register: delete_nat_gateway - retries: 10 - until: delete_nat_gateway is not failed - name: Assert state=absent (expected changed=true) assert: 
@@ -528,32 +478,24 @@ - '"vpc_id" in delete_nat_gateway' - delete_nat_gateway.vpc_id == vpc_id - # - name: Delete NAT gateway - CHECK_MODE - # ec2_vpc_nat_gateway: - # nat_gateway_id: "{{ nat_gateway_id }}" - # state: absent - # wait: yes - # register: delete_nat_gateway - # check_mode: yes - - # - name: Assert state=absent (expected changed=true) - CHECK_MODE - # assert: - # that: - # - delete_nat_gateway.changed - # - '"delete_time" in delete_nat_gateway' - # - '"nat_gateway_addresses" in delete_nat_gateway' - # - '"nat_gateway_id" in delete_nat_gateway' - # - delete_nat_gateway.nat_gateway_id == nat_gateway_id - # - '"state" in delete_nat_gateway' - # - delete_nat_gateway.state == 'deleted' - # - '"subnet_id" in delete_nat_gateway' - # - delete_nat_gateway.subnet_id == subnet_id - # - '"tags" in delete_nat_gateway' - # - '"vpc_id" in delete_nat_gateway' - # - delete_nat_gateway.vpc_id == vpc_id - # ============================================================ + - name: Create new NAT gateway with eip allocation-id and tags - CHECK_MODE + ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + allocation_id: "{{ allocation_id }}" + tags: + tag_one: '{{ resource_prefix }} One' + "Tag Two": 'two {{ resource_prefix }}' + wait: yes + register: create_ngw + check_mode: yes + + - name: Assert creation happened (expected changed=true) - CHECK_MODE + assert: + that: + - create_ngw.changed + - name: Create new NAT gateway with eip allocation-id and tags ec2_vpc_nat_gateway: subnet_id: "{{ subnet_id }}" 
@@ -583,44 +525,13 @@ - '"vpc_id" in create_ngw' - create_ngw.vpc_id == vpc_id - - name: "set facts: NAT gateway ID" set_fact: ngw_id: "{{ create_ngw.nat_gateway_id }}" - # - name: Create new NAT gateway with eip allocation-id and tags - CHECK_MODE - # ec2_vpc_nat_gateway: - # subnet_id: "{{ subnet_id }}" - # allocation_id: "{{ allocation_id }}" - # tags: - # tag_one: '{{ resource_prefix }} One' - # "Tag Two": 'two {{ resource_prefix }}' - # wait: yes - # register: create_ngw - # check_mode: yes - - # - name: Assert creation happened (expected changed=true) - CHECK_MODE - # assert: - # that: - # - create_ngw.changed - # - '"create_time" in create_ngw' - # - create_ngw.nat_gateway_addresses[0].allocation_id == allocation_id - # - '"nat_gateway_id" in create_ngw' - # - create_ngw.nat_gateway_id.startswith("nat-") - # - '"state" in create_ngw' - # - create_ngw.state == 'available' - # - '"subnet_id" in create_ngw' - # - create_ngw.subnet_id == subnet_id - # - '"tags" in create_ngw' - # - create_ngw.tags | length == 2 - # - create_ngw.tags["tag_one"] == '{{ resource_prefix }} One' - # - create_ngw.tags["Tag Two"] == 'two {{ resource_prefix }}' - # - '"vpc_id" in create_ngw' - # - create_ngw.vpc_id == vpc_id - # ============================================================ - - name: Update the tags (no change) + - name: Update the tags (no change) - CHECK_MODE ec2_vpc_nat_gateway: subnet_id: "{{ subnet_id }}" allocation_id: "{{ allocation_id }}" @@ -629,8 +540,9 @@ "Tag Two": 'two {{ resource_prefix }}' wait: yes register: update_tags_ngw + check_mode: yes - - name: assert tag update would do nothing (expected changed=false) + - name: assert tag update would do nothing (expected changed=false) - CHECK_MODE assert: that: - not update_tags_ngw.changed 
@@ -645,44 +557,42 @@ - '"vpc_id" in update_tags_ngw' - update_tags_ngw.vpc_id == vpc_id + - name: Update the tags (no change) + ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + allocation_id: "{{ allocation_id }}" + tags: + tag_one: '{{ resource_prefix }} One' + "Tag Two": 'two {{ resource_prefix }}' + wait: yes + register: update_tags_ngw - - # - name: Update the tags (no change) - CHECK_MODE - # ec2_vpc_nat_gateway: - # subnet_id: "{{ subnet_id }}" - # allocation_id: "{{ allocation_id }}" - # tags: - # tag_one: '{{ resource_prefix }} One' - # "Tag Two": 'two {{ resource_prefix }}' - # wait: yes - # register: update_tags_ngw - # check_mode: yes - - # - name: assert tag update would do nothing (expected changed=false) - CHECK_MODE - # assert: - # that: - # - not update_tags_ngw.changed - # - '"nat_gateway_id" in update_tags_ngw' - # - update_tags_ngw.nat_gateway_id == ngw_id - # - '"subnet_id" in update_tags_ngw' - # - update_tags_ngw.subnet_id == subnet_id - # - '"tags" in update_tags_ngw' - # - update_tags_ngw.tags | length == 2 - # - update_tags_ngw.tags["tag_one"] == '{{ resource_prefix }} One' - # - update_tags_ngw.tags["Tag Two"] == 'two {{ resource_prefix }}' - # - '"vpc_id" in update_tags_ngw' - # - update_tags_ngw.vpc_id == vpc_id + - name: assert tag update would do nothing (expected changed=false) + assert: + that: + - not update_tags_ngw.changed + - '"nat_gateway_id" in update_tags_ngw' + - update_tags_ngw.nat_gateway_id == ngw_id + - '"subnet_id" in update_tags_ngw' + - update_tags_ngw.subnet_id == subnet_id + - '"tags" in update_tags_ngw' + - update_tags_ngw.tags | length == 2 + - update_tags_ngw.tags["tag_one"] == '{{ resource_prefix }} One' + - update_tags_ngw.tags["Tag Two"] == 'two {{ resource_prefix }}' + - '"vpc_id" in update_tags_ngw' + - update_tags_ngw.vpc_id == vpc_id # ============================================================ - - name: Gather information about a filtered list of NAT Gateways using tags and state + - name: Gather 
information about a filtered list of NAT Gateways using tags and state - CHECK_MODE ec2_vpc_nat_gateway_info: filters: "tag:Tag Two": 'two {{ resource_prefix }}' state: ['available'] register: ngw_info + check_mode: yes - - name: Assert success + - name: Assert success - CHECK_MODE assert: that: - ngw_info is successful 
@@ -705,43 +615,41 @@ - second_ngw.vpc_id == vpc_id vars: second_ngw: '{{ ngw_info.result[0] }}' - - #- name: Gather information about a filtered list of NAT Gateways using tags and state - CHECK_MODE - # ec2_vpc_nat_gateway_info: - # filters: - # "tag:Tag Two": 'two {{ resource_prefix }}' - # state: ['available'] - # register: ngw_info - # check_mode: yes - - #- name: Assert success - CHECK_MODE - # assert: - # that: - # - ngw_info is successful - # - ngw_info.result | length == 1 - # - '"create_time" in second_ngw' - # - '"nat_gateway_addresses" in second_ngw' - # - '"nat_gateway_id" in second_ngw' - # - second_ngw.nat_gateway_id == ngw_id - # - '"state" in second_ngw' - # - second_ngw.state == 'available' - # - '"subnet_id" in second_ngw' - # - second_ngw.subnet_id == subnet_id - # - '"tags" in second_ngw' - # - second_ngw.tags | length == 2 - # - '"tag_one" in second_ngw.tags' - # - '"Tag Two" in second_ngw.tags' - # - second_ngw.tags["tag_one"] == '{{ resource_prefix }} One' - # - second_ngw.tags["Tag Two"] == 'two {{ resource_prefix }}' - # - '"vpc_id" in second_ngw' - # - second_ngw.vpc_id == vpc_id - # vars: - # second_ngw: '{{ ngw_info.result[0] }}' + - name: Gather information about a filtered list of NAT Gateways using tags and state + ec2_vpc_nat_gateway_info: + filters: + "tag:Tag Two": 'two {{ resource_prefix }}' + state: ['available'] + register: ngw_info + + - name: Assert success + assert: + that: + - ngw_info is successful + - ngw_info.result | length == 1 + - '"create_time" in second_ngw' + - '"nat_gateway_addresses" in second_ngw' + - '"nat_gateway_id" in second_ngw' + - second_ngw.nat_gateway_id == ngw_id + - '"state" in second_ngw' + - second_ngw.state == 'available' + - '"subnet_id" in second_ngw' + - second_ngw.subnet_id == subnet_id + - '"tags" in second_ngw' + - second_ngw.tags | length == 2 + - '"tag_one" in second_ngw.tags' + - '"Tag Two" in second_ngw.tags' + - second_ngw.tags["tag_one"] == '{{ resource_prefix }} One' + - 
second_ngw.tags["Tag Two"] == 'two {{ resource_prefix }}' + - '"vpc_id" in second_ngw' + - second_ngw.vpc_id == vpc_id + vars: + second_ngw: '{{ ngw_info.result[0] }}' # ============================================================ - - name: Update the tags - remove and add + - name: Update the tags - remove and add - CHECK_MODE ec2_vpc_nat_gateway: subnet_id: "{{ subnet_id }}" allocation_id: "{{ allocation_id }}" @@ -750,8 +658,9 @@ "Tag Two": 'two {{ resource_prefix }}' wait: yes register: update_tags_ngw + check_mode: yes - - name: Assert tag update would happen (expected changed=true) + - name: Assert tag update would happen (expected changed=true) - CHECK_MODE assert: that: - update_tags_ngw.changed 
@@ -766,62 +675,90 @@ - '"vpc_id" in update_tags_ngw' - update_tags_ngw.vpc_id == vpc_id + - name: Update the tags - remove and add + ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + allocation_id: "{{ allocation_id }}" + tags: + tag_three: '{{ resource_prefix }} Three' + "Tag Two": 'two {{ resource_prefix }}' + wait: yes + register: update_tags_ngw - # - name: Update the tags - remove and add - CHECK_MODE - # ec2_vpc_nat_gateway: - # subnet_id: "{{ subnet_id }}" - # allocation_id: "{{ allocation_id }}" - # tags: - # tag_three: '{{ resource_prefix }} Three' - # "Tag Two": 'two {{ resource_prefix }}' - # wait: yes - # register: update_tags_ngw - # check_mode: yes - - # - name: Assert tag update would happen (expected changed=true) - CHECK_MODE - # assert: - # that: - # - update_tags_ngw.changed - # - '"nat_gateway_id" in update_tags_ngw' - # - update_tags_ngw.nat_gateway_id == ngw_id - # - '"subnet_id" in update_tags_ngw' - # - update_tags_ngw.subnet_id == subnet_id - # - '"tags" in update_tags_ngw' - # - update_tags_ngw.tags | length == 2 - # - update_tags_ngw.tags["tag_three"] == '{{ resource_prefix }} Three' - # - update_tags_ngw.tags["Tag Two"] == 'two {{ resource_prefix }}' - # - '"vpc_id" in update_tags_ngw' - # - update_tags_ngw.vpc_id == vpc_id + - name: Assert tag update would happen (expected changed=true) + assert: + that: + - update_tags_ngw.changed + - '"nat_gateway_id" in update_tags_ngw' + - update_tags_ngw.nat_gateway_id == ngw_id + - '"subnet_id" in update_tags_ngw' + - update_tags_ngw.subnet_id == subnet_id + - '"tags" in update_tags_ngw' + - update_tags_ngw.tags | length == 2 + - update_tags_ngw.tags["tag_three"] == '{{ resource_prefix }} Three' + - update_tags_ngw.tags["Tag Two"] == 'two {{ resource_prefix }}' + - '"vpc_id" in update_tags_ngw' + - update_tags_ngw.vpc_id == vpc_id # ============================================================ - - name: Gather information about a filtered list of NAT Gateways using tags (no match) + - name: 
Gather information about a filtered list of NAT Gateways using tags and state (no match) - CHECK_MODE ec2_vpc_nat_gateway_info: filters: "tag:tag_one": '{{ resource_prefix }} One' + state: ['available'] register: ngw_info + check_mode: yes - - name: Assert success + - name: Assert success - CHECK_MODE assert: that: - ngw_info is successful - ngw_info.result | length == 0 - #- name: Gather information about a filtered list of NAT Gateways using tags (no match) - CHECK_MODE - # ec2_vpc_nat_gateway_info: - # filters: - # "tag:tag_one": '{{ resource_prefix }} One' - # register: ngw_info - # check_mode: yes + - name: Gather information about a filtered list of NAT Gateways using tags and state (no match) + ec2_vpc_nat_gateway_info: + filters: + "tag:tag_one": '{{ resource_prefix }} One' + state: ['available'] + register: ngw_info - #- name: Assert success - CHECK_MODE - # assert: - # that: - # - ngw_info is successful - # - ngw_info.result | length == 0 + - name: Assert success + assert: + that: + - ngw_info is successful + - ngw_info.result | length == 0 # ============================================================ + - name: Update the tags add without purge - CHECK_MODE + ec2_vpc_nat_gateway: + if_exist_do_not_create: yes + subnet_id: "{{ subnet_id }}" + allocation_id: "{{ allocation_id }}" + purge_tags: no + tags: + tag_one: '{{ resource_prefix }} One' + wait: yes + register: update_tags_ngw + check_mode: yes + + - name: Assert tags would be added - CHECK_MODE + assert: + that: + - update_tags_ngw.changed + - '"nat_gateway_id" in update_tags_ngw' + - update_tags_ngw.nat_gateway_id == ngw_id + - '"subnet_id" in update_tags_ngw' + - update_tags_ngw.subnet_id == subnet_id + - '"tags" in update_tags_ngw' + - update_tags_ngw.tags | length == 3 + - update_tags_ngw.tags["tag_one"] == '{{ resource_prefix }} One' + - update_tags_ngw.tags["tag_three"] == '{{ resource_prefix }} Three' + - update_tags_ngw.tags["Tag Two"] == 'two {{ resource_prefix }}' + - '"vpc_id" in 
update_tags_ngw' + - update_tags_ngw.vpc_id == vpc_id + - name: Update the tags add without purge ec2_vpc_nat_gateway: if_exist_do_not_create: yes @@ -850,37 +787,28 @@ - update_tags_ngw.vpc_id == vpc_id - # - name: Update the tags add without purge - CHECK_MODE - # ec2_vpc_nat_gateway: - # if_exist_do_not_create: yes - # subnet_id: "{{ subnet_id }}" - # allocation_id: "{{ allocation_id }}" - # purge_tags: no - # tags: - # tag_one: '{{ resource_prefix }} One' - # wait: yes - # register: update_tags_ngw - # check_mode: yes - - # - name: Assert tags would be added - CHECK_MODE - # assert: - # that: - # - update_tags_ngw.changed - # - '"nat_gateway_id" in update_tags_ngw' - # - update_tags_ngw.nat_gateway_id == ngw_id - # - '"subnet_id" in update_tags_ngw' - # - update_tags_ngw.subnet_id == subnet_id - # - '"tags" in update_tags_ngw' - # - update_tags_ngw.tags | length == 3 - # - update_tags_ngw.tags["tag_one"] == '{{ resource_prefix }} One' - # - update_tags_ngw.tags["tag_three"] == '{{ resource_prefix }} Three' - # - update_tags_ngw.tags["Tag Two"] == 'two {{ resource_prefix }}' - # - '"vpc_id" in update_tags_ngw' - # - update_tags_ngw.vpc_id == vpc_id - + # ============================================================ + - name: Remove all tags - CHECK_MODE + ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + allocation_id: "{{ allocation_id }}" + tags: {} + register: delete_tags_ngw + check_mode: yes + - name: assert tags would be removed - CHECK_MODE + assert: + that: + - delete_tags_ngw.changed + - '"nat_gateway_id" in delete_tags_ngw' + - delete_tags_ngw.nat_gateway_id == ngw_id + - '"subnet_id" in delete_tags_ngw' + - delete_tags_ngw.subnet_id == subnet_id + - '"tags" in delete_tags_ngw' + - delete_tags_ngw.tags | length == 0 + - '"vpc_id" in delete_tags_ngw' + - delete_tags_ngw.vpc_id == vpc_id - # ============================================================ - name: Remove all tags ec2_vpc_nat_gateway: subnet_id: "{{ subnet_id }}" 
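Review bot: Adding `state: ['available']` to both "(no match)" `ec2_vpc_nat_gateway_info` tasks weakens what `ngw_info.result | length == 0` proves. An empty result can now also mean the gateway still carries `tag_one` but is not in the available state, so the assertion no longer isolates the tag removal done by the preceding "remove and add" update. I would keep the filter as only `"tag:tag_one": '{{ resource_prefix }} One'` in both the CHECK_MODE and the regular variant, as it was before this change.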
@@ -901,30 +829,40 @@ - '"vpc_id" in delete_tags_ngw' - delete_tags_ngw.vpc_id == vpc_id - # - name: Remove all tags - CHECK_MODE - # ec2_vpc_nat_gateway: - # subnet_id: "{{ subnet_id }}" - # allocation_id: "{{ allocation_id }}" - # tags: {} - # register: delete_tags_ngw - # check_mode: yes - - # - name: assert tags would be removed - CHECK_MODE - # assert: - # that: - # - delete_tags_ngw.changed - # - '"nat_gateway_id" in delete_tags_ngw' - # - delete_tags_ngw.nat_gateway_id == ngw_id - # - '"subnet_id" in delete_tags_ngw' - # - delete_tags_ngw.subnet_id == subnet_id - # - '"tags" in delete_tags_ngw' - # - delete_tags_ngw.tags | length == 0 - # - '"vpc_id" in delete_tags_ngw' - # - delete_tags_ngw.vpc_id == vpc_id + # ============================================================ + - name: Update with CamelCase tags - CHECK_MODE + ec2_vpc_nat_gateway: + if_exist_do_not_create: yes + subnet_id: "{{ subnet_id }}" + allocation_id: "{{ allocation_id }}" + purge_tags: no + tags: + "lowercase spaced": 'hello cruel world ❤️' + "Title Case": 'Hello Cruel World ❤️' + CamelCase: 'SimpleCamelCase ❤️' + snake_case: 'simple_snake_case ❤️' + wait: yes + register: update_tags_ngw + check_mode: yes + - name: Assert tags would be added - CHECK_MODE + assert: + that: + - update_tags_ngw.changed + - '"nat_gateway_id" in update_tags_ngw' + - update_tags_ngw.nat_gateway_id == ngw_id + - '"subnet_id" in update_tags_ngw' + - update_tags_ngw.subnet_id == subnet_id + - '"tags" in update_tags_ngw' + - update_tags_ngw.tags | length == 4 + - update_tags_ngw.tags["lowercase spaced"] == 'hello cruel world ❤️' + - update_tags_ngw.tags["Title Case"] == 'Hello Cruel World ❤️' + - update_tags_ngw.tags["CamelCase"] == 'SimpleCamelCase ❤️' + - update_tags_ngw.tags["snake_case"] == 'simple_snake_case ❤️' + - '"vpc_id" in update_tags_ngw' + - update_tags_ngw.vpc_id == vpc_id - # ============================================================ - name: Update with CamelCase tags ec2_vpc_nat_gateway: 
if_exist_do_not_create: yes @@ -957,56 +895,20 @@ - update_tags_ngw.vpc_id == vpc_id - # - name: Update with CamelCase tags - CHECK_MODE - # ec2_vpc_nat_gateway: - # if_exist_do_not_create: yes - # subnet_id: "{{ subnet_id }}" - # allocation_id: "{{ allocation_id }}" - # purge_tags: no - # tags: - # "lowercase spaced": 'hello cruel world ❤️' - # "Title Case": 'Hello Cruel World ❤️' - # CamelCase: 'SimpleCamelCase ❤️' - # snake_case: 'simple_snake_case ❤️' - # wait: yes - # register: update_tags_ngw - # check_mode: yes - - #- name: Assert tags would be added - CHECK_MODE - # assert: - # that: - # - update_tags_ngw.changed - # - '"nat_gateway_id" in update_tags_ngw' - # - update_tags_ngw.nat_gateway_id == ngw_id - # - '"subnet_id" in update_tags_ngw' - # - update_tags_ngw.subnet_id == subnet_id - # - '"tags" in update_tags_ngw' - # - update_tags_ngw.tags | length == 4 - # - update_tags_ngw.tags["lowercase spaced"] == 'hello cruel world ❤️' - # - update_tags_ngw.tags["Title Case"] == 'Hello Cruel World ❤️' - # - update_tags_ngw.tags["CamelCase"] == 'SimpleCamelCase ❤️' - # - update_tags_ngw.tags["snake_case"] == 'simple_snake_case ❤️' - # - '"vpc_id" in update_tags_ngw' - # - update_tags_ngw.vpc_id == vpc_id - # ============================================================ - - always: - name: Get NAT gateways ec2_vpc_nat_gateway_info: filters: vpc-id: "{{ vpc_id }}" register: existing_ngws - retries: 10 - until: existing_ngws is not failed ignore_errors: true - name: Tidy up NAT gateway ec2_vpc_nat_gateway: subnet_id: "{{ item.subnet_id }}" nat_gateway_id: "{{ item.nat_gateway_id }}" - #release_eip: yes + release_eip: yes state: absent wait: yes with_items: "{{ existing_ngws.result }}"
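Review bot: Dropping `retries: 10` and `until: existing_ngws is not failed` from "Get NAT gateways" in the `always:` section, while keeping `ignore_errors: true`, makes cleanup depend on a single API call. If that call fails transiently, `existing_ngws.result` is not set and the "Tidy up NAT gateway" loop over `{{ existing_ngws.result }}` cannot delete anything. The gateways, and the Elastic IPs that the newly enabled `release_eip: yes` is meant to free, would then stay behind in the test account. I would restore the two lines on the lookup task, `retries: 10` and `until: existing_ngws is not failed`. The rest of the `always:` section is outside the hunk, so whether a later task catches leftovers cannot be seen here.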