diff --git a/changelogs/fragments/migrate_ec2_transit_gateway_vpc_attachment.yml b/changelogs/fragments/migrate_ec2_transit_gateway_vpc_attachment.yml new file mode 100644 index 00000000000..21bf1ba51c4 --- /dev/null +++ b/changelogs/fragments/migrate_ec2_transit_gateway_vpc_attachment.yml @@ -0,0 +1,8 @@ +--- +major_changes: + - ec2_transit_gateway_vpc_attachment - The module has been migrated from the ``community.aws`` + collection. Playbooks using the Fully Qualified Collection Name for this module + should be updated to use ``amazon.aws.ec2_transit_gateway_vpc_attachment``. + - ec2_transit_gateway_vpc_attachment_info - The module has been migrated from the + ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name + for this module should be updated to use ``amazon.aws.ec2_transit_gateway_vpc_attachment_info``. diff --git a/meta/runtime.yml b/meta/runtime.yml index b62a89aae8d..9331be82a56 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -52,6 +52,8 @@ action_groups: - ec2_spot_instance_info - ec2_tag - ec2_tag_info + - ec2_transit_gateway_vpc_attachment + - ec2_transit_gateway_vpc_attachment_info - ec2_vol - ec2_vol_info - ec2_vpc_dhcp_option @@ -164,14 +166,14 @@ plugin_routing: rds_param_group: redirect: amazon.aws.rds_instance_param_group deprecation: - removal_version: 10.0.0 - warning_text: >- - rds_param_group has been renamed to rds_instance_param_group. - Please update your tasks. + removal_version: 10.0.0 + warning_text: >- + rds_param_group has been renamed to rds_instance_param_group. + Please update your tasks. lookup: aws_ssm: # Deprecation for this alias should not *start* prior to 2024-09-01 redirect: amazon.aws.ssm_parameter aws_secret: # Deprecation for this alias should not *start* prior to 2024-09-01 - redirect: amazon.aws.secretsmanager_secret + redirect: amazon.aws.secretsmanager_secret \ No newline at end of file diff --git a/plugins/module_utils/transitgateway.py b/plugins/module_utils/transitgateway.py new file mode 100644 index 00000000000..a8f50614e23 --- /dev/null +++ b/plugins/module_utils/transitgateway.py @@ -0,0 +1,514 @@ +# -*- coding: utf-8 -*- + +# Copyright: Ansible Project +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from copy import deepcopy + +try: + from botocore.exceptions import WaiterError +except ImportError: + pass + +from typing import Any +from typing import Dict +from typing import List +from typing import Optional +from typing import Tuple + +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AnsibleEC2Error +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import create_transit_gateway_vpc_attachment +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import delete_transit_gateway_vpc_attachment +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import describe_subnets +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import describe_transit_gateway_vpc_attachments +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ensure_ec2_tags +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import modify_transit_gateway_vpc_attachment +from ansible_collections.amazon.aws.plugins.module_utils.modules import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.tagging import boto3_tag_list_to_ansible_dict +from ansible_collections.amazon.aws.plugins.module_utils.tagging import boto3_tag_specifications +from ansible_collections.amazon.aws.plugins.module_utils.transformation import ansible_dict_to_boto3_filter_list +from ansible_collections.amazon.aws.plugins.module_utils.transformation import boto3_resource_to_ansible_dict +from ansible_collections.amazon.aws.plugins.module_utils.waiters import get_waiter + + +def get_states() -> List[str]: + return [ + "available", + "deleting", + "failed", + "failing", + "initiatingRequest", + "modifying", + "pendingAcceptance", + "pending", + "rollingBack", + "rejected", + "rejecting", + ] + + +def subnets_to_vpc( + client, module: AnsibleAWSModule, subnets: List[str], subnet_details: Optional[List[Dict[str, Any]]] = None +) -> Optional[str]: + if not subnets: + return None + + if subnet_details is None: + try: + subnet_details = describe_subnets(client, SubnetIds=list(subnets)) + except AnsibleEC2Error as e: + module.fail_json_aws_error(e) + + vpcs = [s.get("VpcId") for s in subnet_details] + if len(set(vpcs)) > 1: + module.fail_json( + msg="Attachment subnets may only be in one VPC, multiple VPCs found", + vpcs=list(set(vpcs)), + subnets=subnet_details, + ) + + return vpcs[0] + + +def find_existing_attachment( + client, module: AnsibleAWSModule, filters: Optional[Dict[str, Any]] = None, attachment_id: Optional[str] = None +) -> Optional[Dict[str, Any]]: + """Find an existing transit gateway attachment based on filters or attachment ID. + + Args: + client: The AWS client used to interact with the EC2 service. + module: The Ansible module instance used for error handling. + filters (Optional[Dict[str, Any]]): A dictionary of filters to apply when searching for attachments. + attachment_id (Optional[str]): The ID of a specific attachment to find. + + Returns: + Optional[Dict[str, Any]]: The found attachment details or None if not found. + + Raises: + ValueError: If multiple attachments match the criteria. + """ + # Find an existing attachment based on filters + params = {} + + if attachment_id: + params["TransitGatewayAttachmentIds"] = [attachment_id] + elif filters: + params["Filters"] = ansible_dict_to_boto3_filter_list(filters) + + try: + attachments = describe_transit_gateway_vpc_attachments(client, **params) + except AnsibleEC2Error as e: + module.fail_json_aws_error(e) + + if len(attachments) > 1: + raise ValueError("Multiple matching attachments found, provide an ID.") + + return attachments[0] if attachments else None + + +class TransitGatewayAttachmentStateManager: + def __init__(self, client, module: AnsibleAWSModule, attachment_id: str) -> None: + self.client = client + self.module = module + self.attachment_id = attachment_id + + @property + def waiter_config(self) -> Dict[str, Any]: + params: Dict[str, Any] = {} + + delay = min(5, self.module.params.get("wait_timeout")) + max_attempts = self.module.params.get("wait_timeout") // delay + config = dict(Delay=delay, MaxAttempts=max_attempts) + params["WaiterConfig"] = config + + return params + + def create_attachment(self, params: Dict[str, Any]) -> str: + """ + Create a new transit gateway attachment. + + Args: + params (Dict[str, Any]): A dictionary containing the parameters needed to + create the transit gateway attachment. + + Returns: + str: The ID of the newly created transit gateway attachment. + + Raises: + AnsibleEC2Error: If there is an error while creating the VPC attachment, + it will fail the module and provide an error message. + """ + try: + tags = params.pop("Tags") + except KeyError: + tags = None + + if tags: + params["TagSpecifications"] = boto3_tag_specifications(tags, types=["transit-gateway-attachment"]) + + try: + response = create_transit_gateway_vpc_attachment(self.client, **params) + except AnsibleEC2Error as e: + self.module.fail_json_aws_error(e) + + self.attachment_id = response["TransitGatewayAttachmentId"] + + return response["TransitGatewayAttachmentId"] + + def delete_attachment(self) -> bool: + # Delete the transit gateway attachment + + if not self.attachment_id: + return False + + if not self.module.check_mode: + try: + delete_transit_gateway_vpc_attachment(self.client, self.attachment_id) + except AnsibleEC2Error as e: + self.module.fail_json_aws_error(e) + + return True + + def wait_for_state_change(self, desired_state: str) -> None: + # Wait until attachment reaches the desired state + params = {"TransitGatewayAttachmentIds": [self.attachment_id]} + params.update(self.waiter_config) + waiter = get_waiter(self.client, f"transit_gateway_vpc_attachment_{desired_state}") + + try: + waiter.wait(**params) + except WaiterError as e: + self.module.fail_json_aws(e, "Timeout waiting for State change") + + +class AttachmentConfigurationManager: + def __init__(self, client, module: AnsibleAWSModule, attachment_id: str, existing: Dict[str, Any]) -> None: + self.client = client + self.module = module + self.attachment_id = attachment_id + + self.existing = existing or {} + self._resource_updates = {} + self._subnets_to_add = [] + self._subnets_to_remove = [] + + @property + def resource_updates(self) -> Dict[str, Any]: + return self._resource_updates + + @property + def subnets_to_add(self) -> List[str]: + return self._subnets_to_add + + @property + def subnets_to_remove(self) -> List[str]: + return self._subnets_to_remove + + def set_subnets(self, subnets: Optional[List[str]] = None, purge: bool = True) -> None: + """ + Set or update the subnets associated with the transit gateway attachment. + + Args: + subnets (Optional[List[str]]): A list of subnet IDs to associate with + the attachment. + purge (bool): If True, the existing subnets will be replaced with the + specified subnets. + """ + # Set or update the subnets associated with the attachment + if subnets is None: + return + + current_subnets = set(self.existing.get("SubnetIds", [])) + desired_subnets = set(subnets) + if not purge: + desired_subnets = desired_subnets.union(current_subnets) + + # We'll pull the VPC ID from the subnets, no point asking for + # information we 'know'. + try: + subnet_details = describe_subnets(self.client, SubnetIds=list(desired_subnets)) + except AnsibleEC2Error as e: + self.module.fail_json_aws_error(e) + vpc_id = subnets_to_vpc(self.client, self.module, desired_subnets, subnet_details) + self._set_resource_value("VpcId", vpc_id, immutable=True) + + # Only one subnet per-AZ is permitted + azs = [s.get("AvailabilityZoneId") for s in subnet_details] + if len(azs) != len(set(azs)): + self.module.fail_json( + msg="Only one attachment subnet per availability zone may be set.", + availability_zones=azs, + subnets=subnet_details, + ) + + self._subnets_to_add = list(desired_subnets.difference(current_subnets)) + self._subnets_to_remove = list(current_subnets.difference(desired_subnets)) + self._set_resource_value("SubnetIds", list(desired_subnets)) + + def set_dns_support(self, value): + return self._set_option("DnsSupport", value) + + def set_ipv6_support(self, value): + return self._set_option("Ipv6Support", value) + + def set_appliance_mode_support(self, value): + return self._set_option("ApplianceModeSupport", value) + + def set_transit_gateway(self, tgw_id: str): + return self._set_resource_value("TransitGatewayId", tgw_id) + + def set_vpc(self, vpc_id: str): + return self._set_resource_value("VpcId", vpc_id) + + def set_tags(self, tags, purge_tags): + current_tags = boto3_tag_list_to_ansible_dict(self.existing.get("Tags", None)) + + if purge_tags: + desired_tags = deepcopy(tags) + else: + desired_tags = {**current_tags, **tags} + + self._set_resource_value("Tags", desired_tags) + + def _get_resource_value(self, key, default=None): + default_value = self.existing.get(key, default) + return self._resource_updates.get(key, default_value) + + def _set_option(self, name: str, value: Optional[bool]) -> bool: + """ + Set a VPC attachment option to either enable or disable. + + Args: + name (str): The name of the option to be updated. + value (Optional[bool]): A boolean indicating whether to enable (True) + or disable (False) the specified option. If None, no action is + taken. + + Returns: + bool: Returns True if the option was successfully set, or False if + no update was made (because the value was None). + """ + if value is None: + return False + + # For now VPC Attachment options are all enable/disable + value = "enable" if value else "disable" + + options = deepcopy(self.existing.get("Options", dict())) + options.update(self._resource_updates.get("Options", dict())) + options[name] = value + + return self._set_resource_value("Options", options) + + def _set_resource_value(self, key, value, description: Optional[str] = None, immutable: bool = False) -> bool: + """ + Set a value for a resource attribute and track changes. + + Args: + key (str): The attribute key to be updated. + value (Any): The new value to set for the specified key. + description (Optional[str], optional): A human-readable description of the + resource attribute. + immutable (bool, optional): A flag indicating whether the attribute is + immutable. If True, and the resource exists, an error will be raised + if attempting to change the value. Defaults to False. + + Returns: + bool: Returns True if the value was successfully set, or False if no + update was made. + """ + if value is None or value == self._get_resource_value(key): + return False + + if immutable and self.existing: + description = description or key + self.module.fail_json(msg=f"{description} can not be updated after creation") + + self.resource_updates[key] = value + + return True + + def filter_immutable_resource_attributes(self, resource: Dict[str, Any]) -> Dict[str, Any]: + """ + Filter out immutable resource attributes from the given resource dictionary. + + Args: + resource (Dict[str, Any]): A dictionary representing the resource, which + may contain various attributes, including both mutable and immutable ones. + + Returns: + Dict[str, Any]: A new dictionary containing only the mutable attributes + of the resource. + """ + immutable_options = ["TransitGatewayId", "VpcId", "VpcOwnerId", "State", "SubnetIds", "CreationTime", "Tags"] + return {key: value for key, value in resource.items() if key not in immutable_options} + + +class TransitGatewayVpcAttachmentManager: + def __init__( + self, client, module: AnsibleAWSModule, existing: Dict[str, Any], attachment_id: Optional[str] = None + ) -> None: + self.client = client + self.module = module + self.attachment_id = attachment_id + self.existing = existing or {} + self.updated = {} + self.changed = False + + self.state_manager = TransitGatewayAttachmentStateManager(client, module, attachment_id) + self.config_manager = AttachmentConfigurationManager(client, module, attachment_id, existing) + + def merge_resource_changes(self, filter_immutable: bool = True) -> Dict[str, Any]: + """Merge existing resource attributes with updates, optionally filtering out immutable attributes. + + Args: + filter_immutable (bool): Whether to filter out immutable resource attributes. Defaults to True. + + Returns: + Dict[str, Any]: The merged resource attributes. + """ + resource = deepcopy(self.existing) + resource.update(self.config_manager.resource_updates) + + if filter_immutable: + resource = self.config_manager.filter_immutable_resource_attributes(resource) + + return resource + + def apply_configuration(self): + """Apply configuration changes to the transit gateway attachment. + + Returns: + bool: True if configuration changes were applied, False otherwise. + """ + # Apply any configuration changes to the attachment + if not self.attachment_id: + return False + + updates = self.config_manager.filter_immutable_resource_attributes(self.config_manager.resource_updates) + + subnets_to_add = self.config_manager.subnets_to_add + subnets_to_remove = self.config_manager.subnets_to_remove + + # Check if there are no changes to apply + if not updates and not subnets_to_add and not subnets_to_remove: + return False + + if subnets_to_add: + updates["AddSubnetIds"] = subnets_to_add + if subnets_to_remove: + updates["RemoveSubnetIds"] = subnets_to_remove + + updates["TransitGatewayAttachmentId"] = self.attachment_id + + if not self.module.check_mode: + try: + modify_transit_gateway_vpc_attachment(self.client, **updates) + except AnsibleEC2Error as e: + self.module.fail_json_aws_error(e) + return True + + def _set_configuration_parameters(self) -> None: + """Set configuration parameters for the transit gateway attachment.""" + self.config_manager.set_transit_gateway(self.module.params.get("transit_gateway")) + self.config_manager.set_subnets(self.module.params["subnets"], self.module.params.get("purge_subnets", True)) + self.config_manager.set_dns_support(self.module.params.get("dns_support")) + self.config_manager.set_ipv6_support(self.module.params.get("ipv6_support")) + self.config_manager.set_appliance_mode_support(self.module.params.get("appliance_mode_support")) + + def _prepare_tags(self) -> Tuple[Optional[Dict[str, str]], bool]: + """Prepare and return the tags and purge flag. + + Returns: + Tuple[Optional[Dict[str, str]], bool]: A tuple containing the tags dictionary and the purge flag. + """ + tags = self.module.params.get("tags") + purge_tags = self.module.params.get("purge_tags") + + if self.module.params.get("name"): + new_tags = {"Name": self.module.params["name"]} + if tags is None: + purge_tags = False + else: + new_tags.update(tags) + tags = new_tags + + return {} if tags is None else tags, purge_tags + + def _create_attachment(self) -> None: + """Create a new transit gateway attachment.""" + if not self.module.check_mode: + params = self.merge_resource_changes(filter_immutable=False) + self.attachment_id = self.state_manager.create_attachment(params) + + if self.module.params.get("wait"): + self.state_manager.wait_for_state_change("available") + + self.changed = True + + def _update_attachment(self, tags: Dict[str, Any], purge_tags: bool) -> None: + """Update an existing transit gateway attachment.""" + if self.existing.get("State") == "pending": + # Wait for resources to finish creating before updating + self.state_manager.wait_for_state_change("available") + elif self.existing.get("State") == "deleting": + self.module.fail_json( + msg="Deletion in progress, unable to update", + attachments=[boto3_resource_to_ansible_dict(self.existing)], + ) + + # Apply the configuration + if self.apply_configuration(): + self.changed = True + if self.module.params.get("wait"): + self.state_manager.wait_for_state_change("available") + + # Ensure tags are applied + self.changed |= ensure_ec2_tags( + self.client, + self.module, + self.attachment_id, + resource_type="transit-gateway-attachment", + tags=tags, + purge_tags=purge_tags, + ) + + def create_or_modify_attachment(self): + """Create or modify a transit gateway attachment based on the provided parameters.""" + + # Set the configuration parameters + self._set_configuration_parameters() + + # Handle tags + tags, purge_tags = self._prepare_tags() + + # Set tags in the configuration manager + self.config_manager.set_tags(tags, purge_tags) + + if not self.existing: + self._create_attachment() + else: + self._update_attachment(tags, purge_tags) + + # Handle check mode updates + if self.module.check_mode: + self.updated = camel_dict_to_snake_dict( + self.merge_resource_changes(filter_immutable=False), ignore_list=["Tags"] + ) + else: + self.updated = boto3_resource_to_ansible_dict( + find_existing_attachment(self.client, self.module, attachment_id=self.attachment_id) + ) + + def delete_attachment(self): + """Delete attachment""" + if self.existing.get("State") == "deleting": + if self.module.params.get("wait"): + self.state_manager.wait_for_state_change("deleted") + self.change = False + else: + self.changed |= self.state_manager.delete_attachment() + if self.module.params.get("wait"): + self.state_manager.wait_for_state_change("deleted") diff --git a/plugins/modules/ec2_transit_gateway_vpc_attachment.py b/plugins/modules/ec2_transit_gateway_vpc_attachment.py new file mode 100644 index 00000000000..aeb86269ea3 --- /dev/null +++ b/plugins/modules/ec2_transit_gateway_vpc_attachment.py @@ -0,0 +1,327 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright: Ansible Project +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +module: ec2_transit_gateway_vpc_attachment +short_description: Create and delete AWS Transit Gateway VPC attachments +version_added: 4.0.0 +version_added_collection: community.aws +description: + - Creates, Deletes and Updates AWS Transit Gateway VPC Attachments. +options: + transit_gateway: + description: + - The ID of the Transit Gateway that the attachment belongs to. + - When creating a new attachment, O(transit_gateway) must be provided. + - At least one of O(name), O(transit_gateway) and O(id) must be provided. + - O(transit_gateway) is an immutable setting and can not be updated on an + existing attachment. + type: str + required: false + aliases: ["transit_gateway_id"] + id: + description: + - The ID of the Transit Gateway Attachment. + - When O(id) is not set, a search using O(transit_gateway) and O(name) will be + performed. If multiple results are returned, the module will fail. + - At least one of O(name), O(transit_gateway) and O(id) must be provided. + type: str + required: false + aliases: ["attachment_id"] + name: + description: + - The V(Name) tag of the Transit Gateway attachment. + - Providing both O(id) and O(name) will set the V(Name) tag on an existing + attachment the matching O(id). + - Setting the V(Name) tag in O(tags) will also result in the V(Name) tag being + updated. + - At least one of O(name), O(transit_gateway) and O(id) must be provided. + type: str + required: false + state: + description: + - Create or remove the Transit Gateway attachment. + type: str + required: false + choices: ["present", "absent"] + default: 'present' + subnets: + description: + - The ID of the subnets in which to create the transit gateway VPC attachment. + - Required when creating a new attachment. + type: list + elements: str + required: false + purge_subnets: + description: + - If O(purge_subnets=true), existing subnets will be removed from the + attachment as necessary to match exactly what is defined by O(subnets). + type: bool + required: false + default: true + dns_support: + description: + - Whether DNS support is enabled. + type: bool + required: false + ipv6_support: + description: + - Whether IPv6 support is enabled. + type: bool + required: false + appliance_mode_support: + description: + - Whether the attachment is configured for appliance mode. + - When appliance mode is enabled, Transit Gateway, using 4-tuples of an + IP packet, selects a single Transit Gateway ENI in the Appliance VPC + for the life of a flow to send traffic to. + type: bool + required: false + wait: + description: + - Whether to wait for the Transit Gateway attachment to reach the + C(Available) or C(Deleted) state before the module returns. + type: bool + required: false + default: true + wait_timeout: + description: + - Maximum time, in seconds, to wait for the Transit Gateway attachment + to reach the expected state. + - Defaults to 600 seconds. + type: int + default: 600 + required: false +author: + - Mark Chappell (@tremble) + - Alina Buzachis (@alinabuzachis) +extends_documentation_fragment: + - amazon.aws.common.modules + - amazon.aws.region.modules + - amazon.aws.tags + - amazon.aws.boto3 +""" + +EXAMPLES = r""" +- name: Create a Transit Gateway attachment + amazon.aws.ec2_transit_gateway_vpc_attachment: + state: "present" + transit_gateway: "tgw-123456789abcdef01" + name: "AnsibleTest-1" + subnets: + - "subnet-00000000000000000" + - "subnet-11111111111111111" + - "subnet-22222222222222222" + ipv6_support: true + purge_subnets: true + dns_support: true + appliance_mode_support: true + tags: + TestTag: "changed data in Test Tag" + +- name: Set sub options on a Transit Gateway attachment + amazon.aws.ec2_transit_gateway_vpc_attachment: + state: "present" + id: "tgw-attach-0c0c5fd0b0f01d1c9" + name: "AnsibleTest-1" + ipv6_support: true + purge_subnets: false + dns_support: false + appliance_mode_support: true + +- name: Delete the transit gateway + amazon.aws.ec2_transit_gateway_vpc_attachment: + state: "absent" + id: "tgw-attach-0c0c5fd0b0f01d1c9" +""" + +RETURN = r""" +attachments: + description: The attributes of the Transit Gateway attachments. + type: list + elements: dict + returned: success + contains: + creation_time: + description: + - An ISO 8601 date time stamp of when the attachment was created. + type: str + returned: success + sample: "2022-03-10T16:40:26+00:00" + options: + description: + - Additional VPC attachment options. + type: dict + returned: success + contains: + appliance_mode_support: + description: + - Indicates whether appliance mode support is enabled. + type: str + returned: success + sample: "enable" + dns_support: + description: + - Indicates whether DNS support is enabled. + type: str + returned: success + sample: "disable" + ipv6_support: + description: + - Indicates whether IPv6 support is disabled. + type: str + returned: success + sample: "disable" + security_group_referencing_support: + description: + - Indicated weather security group referencing support is disabled. + type: str + returned: success + sample: "enable" + state: + description: + - The state of the attachment. + type: str + returned: success + sample: "deleting" + subnet_ids: + description: + - The IDs of the subnets in use by the attachment. + type: list + elements: str + returned: success + sample: ["subnet-0123456789abcdef0", "subnet-11111111111111111"] + tags: + description: + - A dictionary representing the resource tags. + type: dict + returned: success + transit_gateway_attachment_id: + description: + - The ID of the attachment. + type: str + returned: success + sample: "tgw-attach-0c0c5fd0b0f01d1c9" + transit_gateway_id: + description: + - The ID of the transit gateway that the attachment is connected to. + type: str + returned: success + sample: "tgw-0123456789abcdef0" + vpc_id: + description: + - The ID of the VPC that the attachment is connected to. + type: str + returned: success + sample: "vpc-0123456789abcdef0" + vpc_owner_id: + description: + - The ID of the account that the VPC belongs to. + type: str + returned: success + sample: "1234567890122" +""" + +from typing import NoReturn + +from ansible_collections.amazon.aws.plugins.module_utils.modules import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.transformation import boto3_resource_to_ansible_dict +from ansible_collections.amazon.aws.plugins.module_utils.transitgateway import TransitGatewayVpcAttachmentManager +from ansible_collections.amazon.aws.plugins.module_utils.transitgateway import find_existing_attachment +from ansible_collections.amazon.aws.plugins.module_utils.transitgateway import get_states +from ansible_collections.amazon.aws.plugins.module_utils.transitgateway import subnets_to_vpc + + +def handle_vpc_attachments(client, module: AnsibleAWSModule) -> NoReturn: + """ + Handle the creation, modification, or deletion of VPC attachments + based on the parameters provided in the Ansible module. + + Args: + client: The AWS client to interact with EC2 services. + module: An instance of AnsibleAWSModule. + + Returns: + NoReturn: The function exits by calling module.exit_json() + with the results of the operation. + """ + attach_id = module.params.get("id", None) + attachment = None + + if not attach_id: + filters = {} + if module.params.get("transit_gateway"): + filters["transit-gateway-id"] = module.params["transit_gateway"] + if module.params.get("name"): + filters["tag:Name"] = module.params["name"] + if module.params.get("subnets"): + vpc_id = subnets_to_vpc(client, module, module.params["subnets"]) + filters["vpc-id"] = vpc_id + + # Attachments lurk in a 'deleted' state, for a while, ignore them so we + # can reuse the names + filters["state"] = get_states() + + attachment = find_existing_attachment(client, module, filters=filters) + if attachment: + attach_id = attachment["TransitGatewayAttachmentId"] + else: + attachment = find_existing_attachment(client, module, attachment_id=attach_id) + + manager = TransitGatewayVpcAttachmentManager(client, module, attachment, attachment_id=attach_id) + + if module.params["state"] == "absent": + manager.delete_attachment() + else: + manager.create_or_modify_attachment() + + results = dict( + changed=manager.changed, + attachments=[manager.updated], + ) + if manager.changed: + results["diff"] = dict( + before=boto3_resource_to_ansible_dict(manager.existing), + after=manager.updated, + ) + + module.exit_json(**results) + + +def main(): + argument_spec = dict( + state=dict(type="str", required=False, default="present", choices=["absent", "present"]), + transit_gateway=dict(type="str", required=False, aliases=["transit_gateway_id"]), + id=dict(type="str", required=False, aliases=["attachment_id"]), + name=dict(type="str", required=False), + subnets=dict(type="list", elements="str", required=False), + purge_subnets=dict(type="bool", required=False, default=True), + tags=dict(type="dict", required=False, aliases=["resource_tags"]), + purge_tags=dict(type="bool", required=False, default=True), + appliance_mode_support=dict(type="bool", required=False), + dns_support=dict(type="bool", required=False), + ipv6_support=dict(type="bool", required=False), + wait=dict(type="bool", required=False, default=True), + wait_timeout=dict(type="int", default=600, required=False), + ) + + one_of = [ + ["id", "transit_gateway", "name"], + ] + + module = AnsibleAWSModule( + argument_spec=argument_spec, + supports_check_mode=True, + required_one_of=one_of, + ) + + client = module.client("ec2") + + handle_vpc_attachments(client, module) + + +if __name__ == "__main__": + main() diff --git a/plugins/modules/ec2_transit_gateway_vpc_attachment_info.py b/plugins/modules/ec2_transit_gateway_vpc_attachment_info.py new file mode 100644 index 00000000000..581e5d55c2d --- /dev/null +++ b/plugins/modules/ec2_transit_gateway_vpc_attachment_info.py @@ -0,0 +1,223 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright: Ansible Project +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +module: ec2_transit_gateway_vpc_attachment_info +short_description: describes AWS Transit Gateway VPC attachments +version_added: 4.0.0 +version_added_collection: community.aws +description: + - Describes AWS Transit Gateway VPC Attachments. +options: + id: + description: + - The ID of the Transit Gateway Attachment. + - Mutually exclusive with O(name) and O(filters). + type: str + required: false + aliases: ["attachment_id"] + name: + description: + - The V(Name) tag of the Transit Gateway attachment. + type: str + required: false + filters: + description: + - A dictionary of filters to apply. Each dict item consists of a filter key and a filter value. + - Setting a V(tag:Name) filter will override the O(name) parameter. + type: dict + required: false + include_deleted: + description: + - If O(include_deleted=True), then attachments in a deleted state will + also be returned. + - Setting a V(state) filter will override the O(include_deleted) parameter. + type: bool + required: false + default: false +author: + - Mark Chappell (@tremble) + - Alina Buzachis (@alinabuzachis) +extends_documentation_fragment: + - amazon.aws.common.modules + - amazon.aws.region.modules + - amazon.aws.boto3 +""" + +EXAMPLES = r""" +- name: Describe a specific Transit Gateway attachment + amazon.aws.ec2_transit_gateway_vpc_attachment_info: + id: "tgw-attach-0123456789abcdef0" + +- name: Describe all attachments attached to a transit gateway + amazon.aws.ec2_transit_gateway_vpc_attachment_info: + filters: + transit-gateway-id: "tgw-0fedcba9876543210" + +- name: Describe all attachments in an account + amazon.aws.ec2_transit_gateway_vpc_attachment_info: +""" + +RETURN = r""" +attachments: + description: The attributes of the Transit Gateway attachments. + type: list + elements: dict + returned: success + contains: + creation_time: + description: + - An ISO 8601 date time stamp of when the attachment was created. + type: str + returned: success + sample: "2022-03-10T16:40:26+00:00" + options: + description: + - Additional VPC attachment options. + type: dict + returned: success + contains: + appliance_mode_support: + description: + - Indicates whether appliance mode support is enabled. + type: str + returned: success + sample: "enable" + dns_support: + description: + - Indicates whether DNS support is enabled. + type: str + returned: success + sample: "disable" + ipv6_support: + description: + - Indicates whether IPv6 support is disabled. + type: str + returned: success + sample: "disable" + security_group_referencing_support: + description: + - Indicated weather security group referencing support is disabled. + type: str + returned: success + sample: "enable" + state: + description: + - The state of the attachment. + type: str + returned: success + sample: "deleting" + subnet_ids: + description: + - The IDs of the subnets in use by the attachment. + type: list + elements: str + returned: success + sample: ["subnet-0123456789abcdef0", "subnet-11111111111111111"] + tags: + description: + - A dictionary representing the resource tags. + type: dict + returned: success + transit_gateway_attachment_id: + description: + - The ID of the attachment. + type: str + returned: success + sample: "tgw-attach-0c0c5fd0b0f01d1c9" + transit_gateway_id: + description: + - The ID of the transit gateway that the attachment is connected to. + type: str + returned: success + sample: "tgw-0123456789abcdef0" + vpc_id: + description: + - The ID of the VPC that the attachment is connected to. + type: str + returned: success + sample: "vpc-0123456789abcdef0" + vpc_owner_id: + description: + - The ID of the account that the VPC belongs to. + type: str + returned: success + sample: "123456789012" +""" + +from typing import Any +from typing import Dict +from typing import List + +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AnsibleEC2Error +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import describe_transit_gateway_vpc_attachments +from ansible_collections.amazon.aws.plugins.module_utils.modules import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.transformation import ansible_dict_to_boto3_filter_list +from ansible_collections.amazon.aws.plugins.module_utils.transformation import boto3_resource_to_ansible_dict +from ansible_collections.amazon.aws.plugins.module_utils.transitgateway import get_states + + +def main(): + argument_spec = dict( + id=dict(type="str", required=False, aliases=["attachment_id"]), + name=dict(type="str", required=False), + filters=dict(type="dict", required=False), + include_deleted=dict(type="bool", required=False, default=False), + ) + + mutually_exclusive = [ + ["id", "name"], + ["id", "filters"], + ] + + module = AnsibleAWSModule( + argument_spec=argument_spec, + supports_check_mode=True, + mutually_exclusive=mutually_exclusive, + ) + + name = module.params.get("name") + attachment_id = module.params.get("id") + opt_filters = module.params.get("filters") + include_deleted = module.params.get("include_deleted") + + client = module.client("ec2") + + params: Dict[str, Any] = {} + filters: Dict[str, Any] = {} + attachments: List[Dict[str, Any]] = [] + + if attachment_id: + params["TransitGatewayAttachmentIds"] = [attachment_id] + + # Add filter by name if provided + if name: + filters["tag:Name"] = name + + # Include only active states if "include_deleted" is False + if not include_deleted: + filters["state"] = get_states() + + # Include any additional filters provided by the user + if opt_filters: + filters.update(opt_filters) + + if filters: + params["Filters"] = ansible_dict_to_boto3_filter_list(filters) + + try: + result = describe_transit_gateway_vpc_attachments(client, **params) + except AnsibleEC2Error as e: + module.fail_json_aws_error(e) + + if result: + attachments = [boto3_resource_to_ansible_dict(attachment) for attachment in result] + + module.exit_json(changed=False, attachments=attachments, filters=filters) + + +if __name__ == "__main__": + main() diff --git a/tests/integration/targets/ec2_transit_gateway_vpc_attachment/aliases b/tests/integration/targets/ec2_transit_gateway_vpc_attachment/aliases new file mode 100644 index 00000000000..94fa60d71f2 --- /dev/null +++ b/tests/integration/targets/ec2_transit_gateway_vpc_attachment/aliases @@ -0,0 +1,3 @@ +cloud/aws +time=35m +# ec2_transit_gateway_vpc_attachment_info diff --git a/tests/integration/targets/ec2_transit_gateway_vpc_attachment/defaults/main.yml b/tests/integration/targets/ec2_transit_gateway_vpc_attachment/defaults/main.yml new file mode 100644 index 00000000000..ded63478d39 --- /dev/null +++ b/tests/integration/targets/ec2_transit_gateway_vpc_attachment/defaults/main.yml @@ -0,0 +1,26 @@ +_resource_prefix: AnsibleTest +#_resource_prefix: 'AnsibleTest-{{ tiny_prefix }}-TGW-Attach' +cidr_prefix: 10.{{ 255 | random(seed=_resource_prefix) }} +tgw_name: '{{ _resource_prefix }}' +tgw_name_2: '{{ _resource_prefix }}-2' +vpc_name_a: '{{ _resource_prefix }}-1' +vpc_name_b: '{{ _resource_prefix }}-2' +vpc_cidr_a: '{{ cidr_prefix }}.1.0/24' +vpc_cidr_b: '{{ cidr_prefix }}.2.0/24' + +subnet_cidr_a_1: '{{ cidr_prefix }}.1.0/26' +subnet_cidr_a_2: '{{ cidr_prefix }}.1.64/26' +subnet_cidr_a_3: '{{ cidr_prefix }}.1.128/26' +subnet_cidr_a_1a: '{{ cidr_prefix }}.1.192/26' +subnet_cidr_b_1: '{{ cidr_prefix }}.2.0/26' +subnet_cidr_b_2: '{{ cidr_prefix }}.2.64/26' + +subnet_name_a_1: '{{ _resource_prefix }}-a-1' +subnet_name_a_1a: '{{ _resource_prefix }}-a-1a' +subnet_name_a_2: '{{ _resource_prefix }}-a-2' +subnet_name_a_3: '{{ _resource_prefix }}-a-3' +subnet_name_b_1: '{{ _resource_prefix }}-b-1' +subnet_name_b_2: '{{ _resource_prefix }}-b-2' + +attachment_name: '{{ _resource_prefix }}' +attachment_name_complex: '{{ _resource_prefix }}-complex' diff --git a/tests/integration/targets/ec2_transit_gateway_vpc_attachment/meta/main.yml b/tests/integration/targets/ec2_transit_gateway_vpc_attachment/meta/main.yml new file mode 100644 index 00000000000..2bff8543af2 --- /dev/null +++ b/tests/integration/targets/ec2_transit_gateway_vpc_attachment/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: +- role: setup_ec2_facts diff --git a/tests/integration/targets/ec2_transit_gateway_vpc_attachment/tasks/cleanup.yml b/tests/integration/targets/ec2_transit_gateway_vpc_attachment/tasks/cleanup.yml new file mode 100644 index 00000000000..1beefea219e --- /dev/null +++ b/tests/integration/targets/ec2_transit_gateway_vpc_attachment/tasks/cleanup.yml @@ -0,0 +1,69 @@ +- name: Describe all attachments on our VPC + amazon.aws.ec2_transit_gateway_vpc_attachment_info: + filters: + transit-gateway-id: '{{ tgw_id }}' + register: info + ignore_errors: true + +- name: Start deletion of all attachments + amazon.aws.ec2_transit_gateway_vpc_attachment: + state: absent + id: '{{ item.transit_gateway_attachment_id }}' + wait: false + loop: '{{ info.attachments }}' + ignore_errors: true + +- name: Wait for deletion of all attachments + amazon.aws.ec2_transit_gateway_vpc_attachment: + state: absent + id: '{{ item.transit_gateway_attachment_id }}' + wait: true + loop: '{{ info.attachments }}' + ignore_errors: true + +- name: Delete subnets + amazon.aws.ec2_vpc_subnet: + state: absent + cidr: '{{ item.cidr }}' + vpc_id: '{{ item.vpc_id }}' + loop: + - cidr: '{{ subnet_cidr_a_1 }}' + vpc_id: '{{ vpc_id_a }}' + - cidr: '{{ subnet_cidr_a_2 }}' + vpc_id: '{{ vpc_id_a }}' + - cidr: '{{ subnet_cidr_a_3 }}' + vpc_id: '{{ vpc_id_a }}' + - cidr: '{{ subnet_cidr_b_1 }}' + vpc_id: '{{ vpc_id_b }}' + - cidr: '{{ subnet_cidr_b_2 }}' + vpc_id: '{{ vpc_id_b }}' + - cidr: '{{ subnet_cidr_a_1a }}' + vpc_id: '{{ vpc_id_a }}' + ignore_errors: true + +- name: Delete VPCs to attach to TGW + amazon.aws.ec2_vpc_net: + state: absent + cidr_block: '{{ item.cidr }}' + name: '{{ item.name }}' + loop: + - cidr: '{{ vpc_cidr_a }}' + name: '{{ vpc_name_a }}' + - cidr: '{{ vpc_cidr_b }}' + name: '{{ vpc_name_b }}' + ignore_errors: true + +- name: Gather info about all transit gateways + community.aws.ec2_transit_gateway_info: + transit_gateway_ids: + - '{{ tgw_id }}' + - '{{ tgw_id_2 }}' + +- name: Delete Transit Gateways + community.aws.ec2_transit_gateway: + state: absent + transit_gateway_id: '{{ item.tgw_id }}' + loop: + - tgw_id: '{{ tgw_id }}' + - tgw_id: '{{ tgw_id_2 }}' + ignore_errors: true diff --git a/tests/integration/targets/ec2_transit_gateway_vpc_attachment/tasks/complex.yml b/tests/integration/targets/ec2_transit_gateway_vpc_attachment/tasks/complex.yml new file mode 100644 index 00000000000..4fdd0ba6eb6 --- /dev/null +++ b/tests/integration/targets/ec2_transit_gateway_vpc_attachment/tasks/complex.yml @@ -0,0 +1,456 @@ +# Tests the setting of most parameters at the same time +# +# Note: Does not delete the attachment, so that there's a second VPC attached to +# the TGW when we run our _info tests in simple.yml +# +# ============================================================================= +# Creation + +- block: + - name: (CHECK_MODE) Create an attachment - complex parameters + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name_complex }}' + transit_gateway: '{{ tgw_id }}' + subnets: + - '{{ subnet_id_b_1 }}' + - '{{ subnet_id_b_2 }}' + tags: + tagA: example Value + Tag_B: second value + appliance_mode_support: true + ipv6_support: true + register: complex_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - complex_attach is changed + - '"attachments" in complex_attach' + - complex_attach.attachments | length == 1 + - '"options" in attachment' + - '"subnet_ids" in attachment' + - '"tags" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == "enable" + - attachment.options.ipv6_support == "enable" + - attachment.subnet_ids | length == 2 + - subnet_id_b_1 in attachment.subnet_ids + - subnet_id_b_2 in attachment.subnet_ids + - attachment.tags | length == 3 + - '"Name" in attachment.tags' + - '"tagA" in attachment.tags' + - '"Tag_B" in attachment.tags' + - attachment.tags.Name == attachment_name_complex + - attachment.tags.tagA == "example Value" + - attachment.tags.Tag_B == "second value" + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_b + vars: + attachment: '{{ complex_attach.attachments[0] }}' + + - name: Create an attachment - complex parameters + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name_complex }}' + transit_gateway: '{{ tgw_id }}' + subnets: + - '{{ subnet_id_b_1 }}' + - '{{ subnet_id_b_2 }}' + tags: + tagA: example Value + Tag_B: second value + appliance_mode_support: true + ipv6_support: true + register: complex_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - complex_attach is changed + - '"attachments" in complex_attach' + - complex_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 2 + - subnet_id_b_1 in attachment.subnet_ids + - subnet_id_b_2 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_b + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'enable' + - attachment.transit_gateway_attachment_id.startswith('tgw-attach-') + - attachment.state == 'available' + - attachment.tags | length == 3 + - '"Name" in attachment.tags' + - '"tagA" in attachment.tags' + - '"Tag_B" in attachment.tags' + - attachment.tags.Name == attachment_name_complex + - attachment.tags.tagA == "example Value" + - attachment.tags.Tag_B == "second value" + - attachment.vpc_owner_id == vpc_owner_b + vars: + attachment: '{{ complex_attach.attachments[0] }}' + + - name: Save Attachment ID + set_fact: + complex_attachment_id: '{{ complex_attach.attachments[0].transit_gateway_attachment_id }}' + + - name: Gather information about the attachment + amazon.aws.ec2_transit_gateway_vpc_attachment_info: + filters: + transit-gateway-id: '{{ tgw_id }}' + register: info + + - name: (CHECK_MODE) Create an attachment - complex parameters -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name_complex }}' + transit_gateway: '{{ tgw_id }}' + subnets: + - '{{ subnet_id_b_1 }}' + - '{{ subnet_id_b_2 }}' + tags: + tagA: example Value + Tag_B: second value + appliance_mode_support: true + ipv6_support: true + register: complex_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - complex_attach is not changed + - '"attachments" in complex_attach' + - complex_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 2 + - subnet_id_b_1 in attachment.subnet_ids + - subnet_id_b_2 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_b + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'enable' + - attachment.transit_gateway_attachment_id == complex_attachment_id + - attachment.state == 'available' + - attachment.tags | length == 3 + - '"Name" in attachment.tags' + - '"tagA" in attachment.tags' + - '"Tag_B" in attachment.tags' + - attachment.tags.Name == attachment_name_complex + - attachment.tags.tagA == "example Value" + - attachment.tags.Tag_B == "second value" + - attachment.vpc_owner_id == vpc_owner_b + vars: + attachment: '{{ complex_attach.attachments[0] }}' + + - name: Create an attachment - complex parameters -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name_complex }}' + transit_gateway: '{{ tgw_id }}' + subnets: + - '{{ subnet_id_b_1 }}' + - '{{ subnet_id_b_2 }}' + tags: + tagA: example Value + Tag_B: second value + appliance_mode_support: true + ipv6_support: true + register: complex_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - complex_attach is not changed + - '"attachments" in complex_attach' + - complex_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 2 + - subnet_id_b_1 in attachment.subnet_ids + - subnet_id_b_2 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_b + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'enable' + - attachment.transit_gateway_attachment_id == complex_attachment_id + - attachment.state == 'available' + - attachment.tags | length == 3 + - '"Name" in attachment.tags' + - '"tagA" in attachment.tags' + - '"Tag_B" in attachment.tags' + - attachment.tags.Name == attachment_name_complex + - attachment.tags.tagA == "example Value" + - attachment.tags.Tag_B == "second value" + - attachment.vpc_owner_id == vpc_owner_b + vars: + attachment: '{{ complex_attach.attachments[0] }}' + +# ============================================================================= +# Update + + - name: (CHECK_MODE) Update an attachment - complex parameters + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name_complex }}' + transit_gateway: '{{ tgw_id }}' + subnets: + - '{{ subnet_id_b_1 }}' + purge_subnets: true + tags: + tagC: '3' + Tag_D: Hello again dear world + purge_tags: false + dns_support: false + ipv6_support: false + register: complex_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - complex_attach is changed + - '"attachments" in complex_attach' + - complex_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_b_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_b + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'disable' + - attachment.options.ipv6_support == 'disable' + - attachment.transit_gateway_attachment_id == complex_attachment_id + - attachment.state == 'available' + - attachment.tags | length == 5 + - '"Name" in attachment.tags' + - '"tagA" in attachment.tags' + - '"Tag_B" in attachment.tags' + - '"tagC" in attachment.tags' + - '"Tag_D" in attachment.tags' + - attachment.tags.Name == attachment_name_complex + - attachment.tags.tagA == "example Value" + - attachment.tags.Tag_B == "second value" + - attachment.tags.tagC == "3" + - attachment.tags.Tag_D == "Hello again dear world" + - attachment.vpc_owner_id == vpc_owner_b + vars: + attachment: '{{ complex_attach.attachments[0] }}' + + - name: Update an attachment - complex parameters + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name_complex }}' + transit_gateway: '{{ tgw_id }}' + subnets: + - '{{ subnet_id_b_1 }}' + purge_subnets: true + tags: + tagC: '3' + Tag_D: Hello again dear world + purge_tags: false + dns_support: false + ipv6_support: false + register: complex_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - complex_attach is changed + - '"attachments" in complex_attach' + - complex_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_b_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_b + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'disable' + - attachment.options.ipv6_support == 'disable' + - attachment.transit_gateway_attachment_id == complex_attachment_id + - attachment.state == 'available' + - attachment.tags | length == 5 + - '"Name" in attachment.tags' + - '"tagA" in attachment.tags' + - '"Tag_B" in attachment.tags' + - '"tagC" in attachment.tags' + - '"Tag_D" in attachment.tags' + - attachment.tags.Name == attachment_name_complex + - attachment.tags.tagA == "example Value" + - attachment.tags.Tag_B == "second value" + - attachment.tags.tagC == "3" + - attachment.tags.Tag_D == "Hello again dear world" + - attachment.vpc_owner_id == vpc_owner_b + vars: + attachment: '{{ complex_attach.attachments[0] }}' + + - name: (CHECK_MODE) Update an attachment - complex parameters -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name_complex }}' + transit_gateway: '{{ tgw_id }}' + subnets: + - '{{ subnet_id_b_1 }}' + purge_subnets: true + tags: + tagC: '3' + Tag_D: Hello again dear world + purge_tags: false + dns_support: false + ipv6_support: false + register: complex_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - complex_attach is not changed + - '"attachments" in complex_attach' + - complex_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_b_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_b + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'disable' + - attachment.options.ipv6_support == 'disable' + - attachment.transit_gateway_attachment_id == complex_attachment_id + - attachment.state == 'available' + - attachment.tags | length == 5 + - '"Name" in attachment.tags' + - '"tagA" in attachment.tags' + - '"Tag_B" in attachment.tags' + - '"tagC" in attachment.tags' + - '"Tag_D" in attachment.tags' + - attachment.tags.Name == attachment_name_complex + - attachment.tags.tagA == "example Value" + - attachment.tags.Tag_B == "second value" + - attachment.tags.tagC == "3" + - attachment.tags.Tag_D == "Hello again dear world" + - attachment.vpc_owner_id == vpc_owner_b + vars: + attachment: '{{ complex_attach.attachments[0] }}' + + - name: Update an attachment - complex parameters -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name_complex }}' + transit_gateway: '{{ tgw_id }}' + subnets: + - '{{ subnet_id_b_1 }}' + purge_subnets: true + tags: + tagC: '3' + Tag_D: Hello again dear world + purge_tags: false + dns_support: false + ipv6_support: false + register: complex_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - complex_attach is not changed + - '"attachments" in complex_attach' + - complex_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_b_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_b + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'disable' + - attachment.options.ipv6_support == 'disable' + - attachment.transit_gateway_attachment_id == complex_attachment_id + - attachment.state == 'available' + - attachment.tags | length == 5 + - '"Name" in attachment.tags' + - '"tagA" in attachment.tags' + - '"Tag_B" in attachment.tags' + - '"tagC" in attachment.tags' + - '"Tag_D" in attachment.tags' + - attachment.tags.Name == attachment_name_complex + - attachment.tags.tagA == "example Value" + - attachment.tags.Tag_B == "second value" + - attachment.tags.tagC == "3" + - attachment.tags.Tag_D == "Hello again dear world" + - attachment.vpc_owner_id == vpc_owner_b + vars: + attachment: '{{ complex_attach.attachments[0] }}' diff --git a/tests/integration/targets/ec2_transit_gateway_vpc_attachment/tasks/main.yml b/tests/integration/targets/ec2_transit_gateway_vpc_attachment/tasks/main.yml new file mode 100644 index 00000000000..ecec94bff5a --- /dev/null +++ b/tests/integration/targets/ec2_transit_gateway_vpc_attachment/tasks/main.yml @@ -0,0 +1,21 @@ +- name: ec2_transit_gateway_vpc_attachment integration tests + module_defaults: + group/aws: + access_key: '{{ aws_access_key }}' + secret_key: '{{ aws_secret_key }}' + session_token: '{{ security_token | default(omit) }}' + region: '{{ aws_region }}' + + block: + # Prepares various resources + - include_tasks: setup.yml + + # Tests create / update on parameters simulatniously + - include_tasks: complex.yml + + # Tests create / update / delete on individual parameters + - include_tasks: simple.yml + + always: + # Cleanup after ourselves + - include_tasks: cleanup.yml diff --git a/tests/integration/targets/ec2_transit_gateway_vpc_attachment/tasks/setup.yml b/tests/integration/targets/ec2_transit_gateway_vpc_attachment/tasks/setup.yml new file mode 100644 index 00000000000..b97883948eb --- /dev/null +++ b/tests/integration/targets/ec2_transit_gateway_vpc_attachment/tasks/setup.yml @@ -0,0 +1,100 @@ +- name: Pick 2 AZs available for use + set_fact: + subnet_az_a_1: '{{ ec2_availability_zone_names[0] }}' + subnet_az_a_1a: '{{ ec2_availability_zone_names[0] }}' + subnet_az_a_2: '{{ ec2_availability_zone_names[1] }}' + subnet_az_a_3: '{{ ec2_availability_zone_names[2] }}' + subnet_az_b_1: '{{ ec2_availability_zone_names[0] }}' + subnet_az_b_2: '{{ ec2_availability_zone_names[1] }}' + +- name: Create Transit Gateways + community.aws.ec2_transit_gateway: + description: '{{ item.description }}' + tags: + Name: '{{ item.name }}' + loop: + - description: Transit Gateway for testing community.aws.ec2_transit_gateway_attachment + name: '{{ tgw_name }}' + - description: Second Transit Gateway for testing community.aws.ec2_transit_gateway_attachment + name: '{{ tgw_name_2 }}' + register: create_tgws + +- name: Create VPCs to attach to TGW + amazon.aws.ec2_vpc_net: + cidr_block: '{{ item.cidr }}' + name: '{{ item.name }}' + ipv6_cidr: true + loop: + - cidr: '{{ vpc_cidr_a }}' + name: '{{ vpc_name_a }}' + - cidr: '{{ vpc_cidr_b }}' + name: '{{ vpc_name_b }}' + register: create_vpcs + +- set_fact: + tgw_id: '{{ create_tgws.results[0].transit_gateway.transit_gateway_id }}' + tgw_id_2: '{{ create_tgws.results[1].transit_gateway.transit_gateway_id }}' + vpc_id_a: '{{ vpc_a.id }}' + vpc_id_b: '{{ vpc_b.id }}' + vpc_owner_a: '{{ vpc_a.owner_id }}' + vpc_owner_b: '{{ vpc_b.owner_id }}' + subnet_ipv6_a_1: '{{ vpc_ipv6_a | replace("0::/56","0::/64") }}' + subnet_ipv6_a_2: '{{ vpc_ipv6_a | replace("0::/56","1::/64") }}' + subnet_ipv6_a_3: '{{ vpc_ipv6_a | replace("0::/56","2::/64") }}' + subnet_ipv6_a_1a: '{{ vpc_ipv6_a | replace("0::/56","3::/64") }}' + subnet_ipv6_b_1: '{{ vpc_ipv6_b | replace("0::/56","0::/64") }}' + subnet_ipv6_b_2: '{{ vpc_ipv6_b | replace("0::/56","1::/64") }}' + vars: + vpc_a: '{{ create_vpcs.results[0].vpc }}' + vpc_b: '{{ create_vpcs.results[1].vpc }}' + vpc_ipv6_a: '{{ vpc_a.ipv6_cidr_block_association_set[0].ipv6_cidr_block }}' + vpc_ipv6_b: '{{ vpc_b.ipv6_cidr_block_association_set[0].ipv6_cidr_block }}' + +- name: Create subnets + amazon.aws.ec2_vpc_subnet: + az: '{{ item.az }}' + cidr: '{{ item.cidr }}' + ipv6_cidr: '{{ item.ipv6_cidr }}' + tags: + Name: '{{ item.name }}' + vpc_id: '{{ item.vpc_id }}' + loop: + - az: '{{ subnet_az_a_1 }}' + cidr: '{{ subnet_cidr_a_1 }}' + ipv6_cidr: '{{ subnet_ipv6_a_1 }}' + vpc_id: '{{ vpc_id_a }}' + name: '{{ subnet_name_a_1 }}' + - az: '{{ subnet_az_a_2 }}' + cidr: '{{ subnet_cidr_a_2 }}' + ipv6_cidr: '{{ subnet_ipv6_a_2 }}' + vpc_id: '{{ vpc_id_a }}' + name: '{{ subnet_name_a_2 }}' + - az: '{{ subnet_az_a_3 }}' + cidr: '{{ subnet_cidr_a_3 }}' + ipv6_cidr: '{{ subnet_ipv6_a_3 }}' + vpc_id: '{{ vpc_id_a }}' + name: '{{ subnet_name_a_3 }}' + - az: '{{ subnet_az_b_1 }}' + cidr: '{{ subnet_cidr_b_1 }}' + ipv6_cidr: '{{ subnet_ipv6_b_1 }}' + vpc_id: '{{ vpc_id_b }}' + name: '{{ subnet_name_b_1 }}' + - az: '{{ subnet_az_b_2 }}' + cidr: '{{ subnet_cidr_b_2 }}' + ipv6_cidr: '{{ subnet_ipv6_b_2 }}' + vpc_id: '{{ vpc_id_b }}' + name: '{{ subnet_name_b_2 }}' + - az: '{{ subnet_az_a_1a }}' + cidr: '{{ subnet_cidr_a_1a }}' + ipv6_cidr: '{{ subnet_ipv6_a_1a }}' + vpc_id: '{{ vpc_id_a }}' + name: '{{ subnet_name_a_1a }}' + register: create_subnets + +- set_fact: + subnet_id_a_1: '{{ create_subnets.results[0].subnet.id }}' + subnet_id_a_2: '{{ create_subnets.results[1].subnet.id }}' + subnet_id_a_3: '{{ create_subnets.results[2].subnet.id }}' + subnet_id_b_1: '{{ create_subnets.results[3].subnet.id }}' + subnet_id_b_2: '{{ create_subnets.results[4].subnet.id }}' + subnet_id_a_1a: '{{ create_subnets.results[5].subnet.id }}' diff --git a/tests/integration/targets/ec2_transit_gateway_vpc_attachment/tasks/simple.yml b/tests/integration/targets/ec2_transit_gateway_vpc_attachment/tasks/simple.yml new file mode 100644 index 00000000000..9a2ff5aa211 --- /dev/null +++ b/tests/integration/targets/ec2_transit_gateway_vpc_attachment/tasks/simple.yml @@ -0,0 +1,3706 @@ +# ============================================================================= +# Creation +- block: + - name: (CHECK_MODE) Create an attachment - minimal parameters + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + transit_gateway: '{{ tgw_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + register: simple_attach + + - name: Assert that attachment parameters are returned in CHECK_MODE + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Create an attachment - minimal parameters + amazon.aws.ec2_transit_gateway_vpc_attachment: + transit_gateway: '{{ tgw_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + register: simple_attach + + - name: Assert that the create attachment is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.transit_gateway_attachment_id.startswith('tgw-attach-') + - attachment.state == 'available' + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Save Attachment ID + ansible.builtin.set_fact: + simple_attachment_id: '{{ simple_attach.attachments[0].transit_gateway_attachment_id + }}' + + - name: (CHECK_MODE) Create an attachment - minimal parameters -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + transit_gateway: '{{ tgw_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Create an attachment - minimal parameters -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + transit_gateway: '{{ tgw_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ===== + + - name: (CHECK_MODE) By Id - minimal parameters -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: By Id - minimal parameters -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ============================================================================= +# Set a name + + - name: (CHECK_MODE) Set name + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + name: '{{ attachment_name }}' + register: simple_attach + + - name: Assert that the attachment parameters are returned in CHECK_MODE + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 1 + - '"Name" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Set name + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + name: '{{ attachment_name }}' + register: simple_attach + + - name: Assert that 'Set name' is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 1 + - '"Name" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: (CHECK_MODE) Set name -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + name: '{{ attachment_name }}' + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 1 + - '"Name" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Set name -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + name: '{{ attachment_name }}' + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 1 + - '"Name" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ===== + + - name: (CHECK_MODE) By Name - minimal parameters -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + subnets: + - '{{ subnet_id_a_1 }}' + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 1 + - '"Name" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: By Name - minimal parameters -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + subnets: + - '{{ subnet_id_a_1 }}' + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 1 + - '"Name" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ============================================================================= +# Describe + + - name: Describe all attachments + amazon.aws.ec2_transit_gateway_vpc_attachment_info: + register: info + + - name: Assert that the transit_gateway_vpc_attachment_info is returned sucessfully + ansible.builtin.assert: + that: + - info is not changed + - '"attachments" in info' + - info.attachments | length >= 2 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length >= 1 + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - '"Name" in attachment.tags' + vars: + attachment: '{{ info.attachments[0] }}' + + - name: Describe attachments on a specific VPC + amazon.aws.ec2_transit_gateway_vpc_attachment_info: + filters: + transit-gateway-id: '{{ tgw_id }}' + register: info + + - name: Assert that the returned info is correct + ansible.builtin.assert: + that: + - info is not changed + - '"attachments" in info' + - info.attachments | length == 2 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length >= 1 + - attachment.transit_gateway_id == tgw_id + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - '"Name" in attachment.tags' + vars: + attachment: '{{ info.attachments[0] }}' + + - name: Describe attachment with a specific name + amazon.aws.ec2_transit_gateway_vpc_attachment_info: + name: '{{ attachment_name }}' + register: info + + - name: Assert that the returned info is correct + ansible.builtin.assert: + that: + - info is not changed + - '"attachments" in info' + - info.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 1 + - '"Name" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ info.attachments[0] }}' + + - name: Describe attachment by ID + amazon.aws.ec2_transit_gateway_vpc_attachment_info: + id: '{{ simple_attachment_id }}' + register: info + + - name: Assert that the returned info is correct + ansible.builtin.assert: + that: + - info is not changed + - '"attachments" in info' + - info.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 1 + - '"Name" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ info.attachments[0] }}' + +# ============================================================================= +# Tag attachment + + - name: (CHECK_MODE) Set tags + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + tags: + CamelCase: CamelCaseValue + pascalCase: pascalCaseValue + snake_case: snake_case_value + Tag with Space: value with space + register: simple_attach + + - name: Assert that 'Set tags' is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 5 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - '"snake_case" in attachment.tags' + - '"Tag with Space" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.tags.snake_case == 'snake_case_value' + - attachment.tags['Tag with Space'] == 'value with space' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Set tags + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + tags: + CamelCase: CamelCaseValue + pascalCase: pascalCaseValue + snake_case: snake_case_value + Tag with Space: value with space + register: simple_attach + + - name: Assert that 'Set tags' is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 5 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - '"snake_case" in attachment.tags' + - '"Tag with Space" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.tags.snake_case == 'snake_case_value' + - attachment.tags['Tag with Space'] == 'value with space' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: (CHECK_MODE) Set tags -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + tags: + CamelCase: CamelCaseValue + pascalCase: pascalCaseValue + snake_case: snake_case_value + Tag with Space: value with space + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 5 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - '"snake_case" in attachment.tags' + - '"Tag with Space" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.tags.snake_case == 'snake_case_value' + - attachment.tags['Tag with Space'] == 'value with space' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Set tags -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + tags: + CamelCase: CamelCaseValue + pascalCase: pascalCaseValue + snake_case: snake_case_value + Tag with Space: value with space + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 5 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - '"snake_case" in attachment.tags' + - '"Tag with Space" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.tags.snake_case == 'snake_case_value' + - attachment.tags['Tag with Space'] == 'value with space' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Describe attachment with tags set + amazon.aws.ec2_transit_gateway_vpc_attachment_info: + id: '{{ simple_attachment_id }}' + register: info + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - info is not changed + - '"attachments" in info' + - info.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 5 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - '"snake_case" in attachment.tags' + - '"Tag with Space" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.tags.snake_case == 'snake_case_value' + - attachment.tags['Tag with Space'] == 'value with space' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ info.attachments[0] }}' + +# ===== + + - name: (CHECK_MODE) No change to tags with name set -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 5 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - '"snake_case" in attachment.tags' + - '"Tag with Space" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.tags.snake_case == 'snake_case_value' + - attachment.tags['Tag with Space'] == 'value with space' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: No change to tags with name set -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 5 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - '"snake_case" in attachment.tags' + - '"Tag with Space" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.tags.snake_case == 'snake_case_value' + - attachment.tags['Tag with Space'] == 'value with space' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ===== + + - name: (CHECK_MODE) Update tags + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + purge_tags: false + tags: + snake_case: snake_case_value 2 + Tag with Space: value with space 2 + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 5 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - '"snake_case" in attachment.tags' + - '"Tag with Space" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.tags.snake_case == 'snake_case_value 2' + - attachment.tags['Tag with Space'] == 'value with space 2' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Update tags + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + purge_tags: false + tags: + snake_case: snake_case_value 2 + Tag with Space: value with space 2 + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 5 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - '"snake_case" in attachment.tags' + - '"Tag with Space" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.tags.snake_case == 'snake_case_value 2' + - attachment.tags['Tag with Space'] == 'value with space 2' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: (CHECK_MODE) Update tags -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + purge_tags: false + tags: + snake_case: snake_case_value 2 + Tag with Space: value with space 2 + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 5 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - '"snake_case" in attachment.tags' + - '"Tag with Space" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.tags.snake_case == 'snake_case_value 2' + - attachment.tags['Tag with Space'] == 'value with space 2' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Update tags -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + purge_tags: false + tags: + snake_case: snake_case_value 2 + Tag with Space: value with space 2 + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 5 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - '"snake_case" in attachment.tags' + - '"Tag with Space" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.tags.snake_case == 'snake_case_value 2' + - attachment.tags['Tag with Space'] == 'value with space 2' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ===== + + - name: (CHECK_MODE) Remove tags + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + tags: + CamelCase: CamelCaseValue + pascalCase: pascalCaseValue + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 3 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Remove tags + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + tags: + CamelCase: CamelCaseValue + pascalCase: pascalCaseValue + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 3 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: (CHECK_MODE) Remove tags -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + tags: + CamelCase: CamelCaseValue + pascalCase: pascalCaseValue + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 3 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Remove tags -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + tags: + CamelCase: CamelCaseValue + pascalCase: pascalCaseValue + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 3 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ===== + + - name: (CHECK_MODE) Add tags with no purge + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + purge_tags: false + tags: + AnotherTag: Another Value + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 4 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - '"AnotherTag" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.tags.AnotherTag == 'Another Value' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Add tags with no purge + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + purge_tags: false + tags: + AnotherTag: Another Value + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 4 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - '"AnotherTag" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.tags.AnotherTag == 'Another Value' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: (CHECK_MODE) Add tags with no purge -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + purge_tags: false + tags: + AnotherTag: Another Value + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 4 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - '"AnotherTag" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.tags.AnotherTag == 'Another Value' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Add tags with no purge -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + purge_tags: false + tags: + AnotherTag: Another Value + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 4 + - '"Name" in attachment.tags' + - '"CamelCase" in attachment.tags' + - '"pascalCase" in attachment.tags' + - '"AnotherTag" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.tags.CamelCase == 'CamelCaseValue' + - attachment.tags.pascalCase == 'pascalCaseValue' + - attachment.tags.AnotherTag == 'Another Value' + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ===== + + - name: (CHECK_MODE) Remove all tags with name set + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + tags: {} + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 1 + - '"Name" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Remove all tags with name set + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + tags: {} + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 1 + - '"Name" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: (CHECK_MODE) Remove all tags with name set -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + tags: {} + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 1 + - '"Name" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Remove all tags with name set -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + name: '{{ attachment_name }}' + tags: {} + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 1 + - '"Name" in attachment.tags' + - attachment.tags.Name == attachment_name + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ===== + + - name: (CHECK_MODE) Remove all tags including name + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + tags: {} + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Remove all tags including name + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + tags: {} + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: (CHECK_MODE) Remove all tags including name -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + tags: {} + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Remove all tags including name -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + tags: {} + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ============================================================================= +# Options + + - name: (CHECK_MODE) Set IPv6 support + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + ipv6_support: true + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'enable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Set IPv6 support + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + ipv6_support: true + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'enable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: (CHECK_MODE) Set IPv6 support -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + ipv6_support: true + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'enable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Set IPv6 support -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + ipv6_support: true + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'enable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ===== + + - name: (CHECK_MODE) Set DNS support + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + dns_support: false + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'disable' + - attachment.options.ipv6_support == 'enable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Set DNS support + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + dns_support: false + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'disable' + - attachment.options.ipv6_support == 'enable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: (CHECK_MODE) Set DNS support -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + dns_support: false + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'disable' + - attachment.options.ipv6_support == 'enable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Set DNS support -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + dns_support: false + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'disable' + - attachment.options.ipv6_support == 'enable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ===== + + - name: (CHECK_MODE) Set Appliance Mode support + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + appliance_mode_support: true + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'disable' + - attachment.options.ipv6_support == 'enable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Set Appliance Mode support + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + appliance_mode_support: true + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'disable' + - attachment.options.ipv6_support == 'enable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: (CHECK_MODE) Set Appliance Mode support -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + appliance_mode_support: true + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'disable' + - attachment.options.ipv6_support == 'enable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Set Appliance Mode support -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + appliance_mode_support: true + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'disable' + - attachment.options.ipv6_support == 'enable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ===== + + - name: (CHECK_MODE) Update IPv6 support + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + ipv6_support: false + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'disable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Update IPv6 support + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + ipv6_support: false + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'disable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: (CHECK_MODE) Update IPv6 support -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + ipv6_support: false + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'disable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Update IPv6 support -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + ipv6_support: false + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'disable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ===== + + - name: (CHECK_MODE) Update DNS support + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + dns_support: true + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Update DNS support + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + dns_support: true + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: (CHECK_MODE) Update DNS support -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + dns_support: true + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Update DNS support -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + dns_support: true + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'enable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ===== + + - name: (CHECK_MODE) Update Appliance Mode support + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + appliance_mode_support: false + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Update Appliance Mode support + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + appliance_mode_support: false + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: (CHECK_MODE) Update Appliance Mode support -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + appliance_mode_support: false + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Update Appliance Mode support -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + appliance_mode_support: false + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 1 + - subnet_id_a_1 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ============================================================================= +# Subnet Management + + - name: (CHECK_MODE) Try to add subnet from a different VPC - no purge + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_b_2 }}' + purge_subnets: false + register: simple_attach + ignore_errors: true + + - name: Assert that the test failed + ansible.builtin.assert: + that: + - simple_attach is failed + + - name: Try to add subnet from a different VPC - no purge + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_b_2 }}' + purge_subnets: false + register: simple_attach + ignore_errors: true + + - name: Assert that the test failed + ansible.builtin.assert: + that: + - simple_attach is failed + +# ===== + + - name: (CHECK_MODE) Try to add subnet from a different VPC - with purge + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + - '{{ subnet_id_b_2 }}' + purge_subnets: true + register: simple_attach + ignore_errors: true + + - name: Assert that the test failed + ansible.builtin.assert: + that: + - simple_attach is failed + + - name: Try to add subnet from a different VPC - with purge + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + - '{{ subnet_id_b_2 }}' + purge_subnets: true + register: simple_attach + ignore_errors: true + + - name: Assert that the test failed + ansible.builtin.assert: + that: + - simple_attach is failed + +# ===== + + - name: (CHECK_MODE) Try to add subnet in the same AZ - no purge + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_b_1a }}' + purge_subnets: false + register: simple_attach + ignore_errors: true + + - name: Assert that the test failed + ansible.builtin.assert: + that: + - simple_attach is failed + + - name: Try to add subnet in the same AZ - no purge + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_1a }}' + purge_subnets: false + register: simple_attach + ignore_errors: true + + - name: Assert that the test failed + ansible.builtin.assert: + that: + - simple_attach is failed + +# ===== + + - name: (CHECK_MODE) Try to add subnet in the same AZ - with purge + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + - '{{ subnet_id_a_1a }}' + purge_subnets: true + register: simple_attach + ignore_errors: true + + - name: Assert that the test failed + ansible.builtin.assert: + that: + - simple_attach is failed + + - name: Try to add subnet in the same AZ - with purge + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + - '{{ subnet_id_a_1a }}' + purge_subnets: true + register: simple_attach + ignore_errors: true + + - name: Assert that the test failed + ansible.builtin.assert: + that: + - simple_attach is failed + +# ===== + + - name: (CHECK_MODE) Add subnet - without purge + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_2 }}' + purge_subnets: false + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 2 + - subnet_id_a_1 in attachment.subnet_ids + - subnet_id_a_2 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Add subnet - without purge + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_2 }}' + purge_subnets: false + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 2 + - subnet_id_a_1 in attachment.subnet_ids + - subnet_id_a_2 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: (CHECK_MODE) Add subnet - without purge -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_2 }}' + purge_subnets: false + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 2 + - subnet_id_a_1 in attachment.subnet_ids + - subnet_id_a_2 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Add subnet - without purge -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_2 }}' + purge_subnets: false + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 2 + - subnet_id_a_1 in attachment.subnet_ids + - subnet_id_a_2 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ===== + + - name: (CHECK_MODE) Add subnet - with purge + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + - '{{ subnet_id_a_2 }}' + - '{{ subnet_id_a_3 }}' + purge_subnets: true + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 3 + - subnet_id_a_1 in attachment.subnet_ids + - subnet_id_a_2 in attachment.subnet_ids + - subnet_id_a_3 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Add subnet - with purge + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + - '{{ subnet_id_a_2 }}' + - '{{ subnet_id_a_3 }}' + purge_subnets: true + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 3 + - subnet_id_a_1 in attachment.subnet_ids + - subnet_id_a_2 in attachment.subnet_ids + - subnet_id_a_3 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: (CHECK_MODE) Add subnet - with purge -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + - '{{ subnet_id_a_2 }}' + - '{{ subnet_id_a_3 }}' + purge_subnets: true + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 3 + - subnet_id_a_1 in attachment.subnet_ids + - subnet_id_a_2 in attachment.subnet_ids + - subnet_id_a_3 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Add subnet - with purge -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + - '{{ subnet_id_a_2 }}' + - '{{ subnet_id_a_3 }}' + purge_subnets: true + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 3 + - subnet_id_a_1 in attachment.subnet_ids + - subnet_id_a_2 in attachment.subnet_ids + - subnet_id_a_3 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ===== + + - name: (CHECK_MODE) Remove subnet + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_2 }}' + - '{{ subnet_id_a_3 }}' + purge_subnets: true + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 2 + - subnet_id_a_2 in attachment.subnet_ids + - subnet_id_a_3 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Remove subnet + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_2 }}' + - '{{ subnet_id_a_3 }}' + purge_subnets: true + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 2 + - subnet_id_a_2 in attachment.subnet_ids + - subnet_id_a_3 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: (CHECK_MODE) Remove subnet -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_2 }}' + - '{{ subnet_id_a_3 }}' + purge_subnets: true + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 2 + - subnet_id_a_2 in attachment.subnet_ids + - subnet_id_a_3 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Remove subnet -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_2 }}' + - '{{ subnet_id_a_3 }}' + purge_subnets: true + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 2 + - subnet_id_a_2 in attachment.subnet_ids + - subnet_id_a_3 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ===== + + - name: (CHECK_MODE) Remove and add subnet + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + - '{{ subnet_id_a_2 }}' + purge_subnets: true + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 2 + - subnet_id_a_1 in attachment.subnet_ids + - subnet_id_a_2 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Remove and add subnet + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + - '{{ subnet_id_a_2 }}' + purge_subnets: true + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 2 + - subnet_id_a_1 in attachment.subnet_ids + - subnet_id_a_2 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: (CHECK_MODE) Remove and add subnet -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + - '{{ subnet_id_a_2 }}' + purge_subnets: true + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 2 + - subnet_id_a_1 in attachment.subnet_ids + - subnet_id_a_2 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + + - name: Remove and add subnet -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + id: '{{ simple_attachment_id }}' + subnets: + - '{{ subnet_id_a_1 }}' + - '{{ subnet_id_a_2 }}' + purge_subnets: true + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + - '"attachments" in simple_attach' + - simple_attach.attachments | length == 1 + - '"subnet_ids" in attachment' + - '"transit_gateway_id" in attachment' + - '"vpc_id" in attachment' + - attachment.subnet_ids | length == 2 + - subnet_id_a_1 in attachment.subnet_ids + - subnet_id_a_2 in attachment.subnet_ids + - attachment.transit_gateway_id == tgw_id + - attachment.vpc_id == vpc_id_a + - '"creation_time" in attachment' + - '"options" in attachment' + - '"state" in attachment' + - '"tags" in attachment' + - '"transit_gateway_attachment_id" in attachment' + - '"vpc_owner_id" in attachment' + - '"appliance_mode_support" in attachment.options' + - '"dns_support" in attachment.options' + - '"ipv6_support" in attachment.options' + - attachment.options.appliance_mode_support == 'disable' + - attachment.options.dns_support == 'enable' + - attachment.options.ipv6_support == 'disable' + - attachment.state == 'available' + - attachment.transit_gateway_attachment_id == simple_attachment_id + - attachment.tags | length == 0 + - attachment.vpc_owner_id == vpc_owner_a + vars: + attachment: '{{ simple_attach.attachments[0] }}' + +# ============================================================================= +# Deletion + + - name: (CHECK_MODE) Delete an attachment - minimal parameters + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + state: absent + id: '{{ simple_attachment_id }}' + wait: false + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + + - name: Delete an attachment - minimal parameters + amazon.aws.ec2_transit_gateway_vpc_attachment: + state: absent + id: '{{ simple_attachment_id }}' + wait: false + register: simple_attach + + - name: Assert that the test is successful + ansible.builtin.assert: + that: + - simple_attach is changed + + - name: (CHECK_MODE) Delete an attachment - minimal parameters -- IDEMPOTENCY + check_mode: true + amazon.aws.ec2_transit_gateway_vpc_attachment: + state: absent + id: '{{ simple_attachment_id }}' + wait: false + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + + - name: Delete an attachment - minimal parameters -- IDEMPOTENCY + amazon.aws.ec2_transit_gateway_vpc_attachment: + state: absent + id: '{{ simple_attachment_id }}' + wait: false + register: simple_attach + + - name: Assert that there is no change + ansible.builtin.assert: + that: + - simple_attach is not changed + + always: + - name: Delete attachment + amazon.aws.ec2_transit_gateway_vpc_attachment: + state: absent + id: '{{ simple_attachment_id }}' + wait: false + ignore_errors: true