ec2_vol attaching want to delete cloudformation tags

[yanehi]

Summary

I have created an ebs volume with cloudformation which I want to bind to my ec2 instance using the ec2_vol plugin.

When I want to attach an existing ebs volume to my ec2 it does not work. The plugin wants to delete aws specific tags (in this example created by cloudformation). With ansible v.2.9.9 the ebs volume will be attached successfully.

Issue Type

Bug Report

Component Name

ec2_vol

Ansible Version

$ ansible --version
ansible 2.10.6
  config file = None
  configured module search path = ['/home/ec2-user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.7/site-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 3.7.9 (default, Feb 18 2021, 03:10:35) [GCC 7.3.1 20180712 (Red Hat 7.3.1-12)]

Configuration

$ ansible-config dump --only-changed

OS / Environment

NAME="Amazon Linux"
VERSION="2"
ID="amzn"
ID_LIKE="centos rhel fedora"
VERSION_ID="2"
PRETTY_NAME="Amazon Linux 2"
ANSI_COLOR="0;33"
CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2"
HOME_URL="https://amazonlinux.com/"

Steps to Reproduce

     - name: "get ebs volume"
          ec2_vol_info:
            region: "{{ aws_region }}"
            filters:
              "tag:Name": "key"
              "tag:aws:cloudformation:stack-name": "value"
          register: ebs_volume

        - name: "attach ebs volume"
          ec2_vol:
            region: "{{ aws_region }}"
            instance: "{{ ansible_ec2_instance_id }}"
            id: "{{ item.id }}"
            name: "ebs-volume-name"
            device_name: /dev/sdf
          loop: "{{ ebs_volume.volumes }}"
          ignore_errors: true

Expected Results

I expected that my existing ebs volume will be attached to my ec2 instance. With ansible version 2.9.9 it works as expected.

Actual Results

The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_ec2_vol_payload_j4pmv0sz/ansible_ec2_vol_payload.zip/ansible_collections/amazon/aws/plugins/modules/ec2_vol.py", line 582, in ensure_tags
  File "/tmp/ansible_ec2_vol_payload_j4pmv0sz/ansible_ec2_vol_payload.zip/ansible_collections/amazon/aws/plugins/module_utils/core.py", line 287, in deciding_wrapper
    return retrying_wrapper(*args, **kwargs)
  File "/tmp/ansible_ec2_vol_payload_j4pmv0sz/ansible_ec2_vol_payload.zip/ansible_collections/amazon/aws/plugins/module_utils/cloud.py", line 153, in retry_func
    raise e
  File "/tmp/ansible_ec2_vol_payload_j4pmv0sz/ansible_ec2_vol_payload.zip/ansible_collections/amazon/aws/plugins/module_utils/cloud.py", line 143, in retry_func
    return f(*args, **kwargs)
  File "/usr/local/lib/python3.7/site-packages/botocore/client.py", line 357, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "/usr/local/lib/python3.7/site-packages/botocore/client.py", line 676, in _make_api_call
    raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (InvalidParameterValue) when calling the DeleteTags operation: Value ( aws:cloudformation:stack-name ) for parameter key is invalid. Tag keys starting with 'aws:' are reserved for internal use
failed: [localhost] (item={'create_time': '2021-02-23T12:54:32.396000+00:00', 'id': 'vol-0c8XXXXXXXXXXXXXX', 'encrypted': False, 'iops': 100, 'size': 25, 'snapshot_id': '', 'status': 'available', 'type': 'gp2', 'zone': 'region', 'region': 'region', 'attachment_set': {'attach_time': None, 'device': None, 'instance_id': None, 'status': None, 'delete_on_termination': None}, 'tags': {'aws:cloudformation:stack-id': 'arn:aws:cloudformation:<region>:<account-id>>:stack/<stackname>/id', 'aws:cloudformation:logical-id': 'logicalID', 'aws:cloudformation:stack-name': '<volume-name>', 'Name': '<volume-name>'}}) => {
    "ansible_loop_var": "item",
    "boto3_version": "1.17.13",
    "botocore_version": "1.20.13",
    "changed": false,
    "error": {
        "code": "InvalidParameterValue",
        "message": "Value ( aws:cloudformation:stack-name ) for parameter key is invalid. Tag keys starting with 'aws:' are reserved for internal use"
    },
    "invocation": {
        "module_args": {
            "aws_access_key": null,
            "aws_ca_bundle": null,
            "aws_config": null,
            "aws_secret_key": null,
            "debug_botocore_endpoint_logs": false,
            "delete_on_termination": false,
            "device_name": "/dev/sdf",
            "ec2_url": null,
            "encrypted": false,
            "id": "vol-0c8XXXXXXXXXXXXXX",
            "instance": "i-03aXXXXXXXXXXXXXX",
            "iops": null,
            "kms_key_id": null,
            "name": "XXXXXXXXXXXXXX",
            "profile": null,
            "region": "XXXXXXXXXXXXXX",
            "security_token": null,
            "snapshot": null,
            "state": "present",
            "tags": {
                "Name": "XXXXXXXXXXXXXX"
            },
            "validate_certs": true,
            "volume_size": null,
            "volume_type": "standard",
            "zone": null
        }
    },
    "item": {
        "attachment_set": {
            "attach_time": null,
            "delete_on_termination": null,
            "device": null,
            "instance_id": null,
            "status": null
        },
        "create_time": "2021-02-23T12:54:32.396000+00:00",
        "encrypted": false,
        "id": "vol-0c820f8957b13b524",
        "iops": 100,
        "region": "XXXXXXXXXXXXXX",
        "size": 25,
        "snapshot_id": "",
        "status": "available",
        "tags": {
            "Name": "VolumeName",
            "aws:cloudformation:logical-id": "VolumeLogilId",
            "aws:cloudformation:stack-id": "arn:aws:cloudformation:<region>:<account-id>>:stack/<stackname>/id",
            "aws:cloudformation:stack-name": "<stackname>"
        },
        "type": "gp2",
        "zone": "XXXXXXXXXXXXXX"
    },
    "msg": "Couldn't delete tags: An error occurred (InvalidParameterValue) when calling the DeleteTags operation: Value ( aws:cloudformation:stack-name ) for parameter key is invalid. Tag keys starting with 'aws:' are reserved for internal use",
    "response_metadata": {
        "http_headers": {
            "cache-control": "no-cache, no-store",
            "connection": "close",
            "date": "Tue, 23 Feb 2021 13:01:02 GMT",
            "server": "AmazonEC2",
            "strict-transport-security": "max-age=31536000; includeSubDomains",
            "transfer-encoding": "chunked",
            "x-amzn-requestid": "4b472448-6185-49bd-af41-0212ac146cf1"
        },
        "http_status_code": 400,
        "request_id": "4b472448-6185-49bd-af41-0212ac146cf1",
        "retry_attempts": 0
    }
}
...ignoring


ansible 2.10.6
  config file = None
  configured module search path = ['/home/ec2-user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.7/site-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 3.7.9 (default, Feb 18 2021, 03:10:35) [GCC 7.3.1 20180712 (Red Hat 7.3.1-12)]

[ansibullbot]

Files identified in the description:

• [plugins/modules/ec2_vol.py](https://github.com/['ansible-collections/amazon.aws', 'ansible-collections/community.aws', 'ansible-collections/community.vmware']/blob/main/plugins/modules/ec2_vol.py)

If these files are inaccurate, please update the component name section of the description or use the !component bot command.

click here for bot help

[ansibullbot]

cc @jillr @lwade @s-hertel @tremble @wimnat
click here for bot help

[gravesm]

@yanehi Thank you for raising this issue. This should be fixed in the PR #242. When that PR is merged, let us know if this solves your issue.