Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ec2_instance cannot add or remove addition security groups #21

Closed
jokajak opened this issue Apr 3, 2020 · 0 comments · Fixed by #22
Closed

ec2_instance cannot add or remove addition security groups #21

jokajak opened this issue Apr 3, 2020 · 0 comments · Fixed by #22

Comments

@jokajak
Copy link
Contributor

jokajak commented Apr 3, 2020

SUMMARY

I have an existing ec2 instance where I would like to add an addition security group.
When I add one more security group, ec2_instance doesn't notify any change.

Originally ansible/ansible#54174

TASK [try to modify the ec2 instance] ********************************************************************************************************************************************************
ok: [localhost]
ISSUE TYPE
* Bug Report
COMPONENT NAME

ec2_instance

ANSIBLE VERSION
ansible 2.8.3
  config file = None
  configured module search path = ['/home/m/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/m/.local/lib/python3.7/site-packages/ansible
  executable location = /home/m/.local/bin/ansible
  python version = 3.7.2 (default, Mar 20 2019, 08:51:28) [GCC 8.2.0]
CONFIGURATION
$ ansible-config dump --only-changed
$ 
OS / ENVIRONMENT
$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.10
DISTRIB_CODENAME=cosmic
DISTRIB_DESCRIPTION="Pop!_OS 18.10"
STEPS TO REPRODUCE
---
- hosts: localhost
  connection: local
  gather_facts: False
  
  vars_prompt:
    - name: ec2_template
      prompt: Which ec2 template file?
      private: no
      default: mbtest190321.my.instance.de

  vars_files:
    - "vars/{{ ec2_template }}.yml"

  tasks:

    ###################################
    #
    # check if instance exists already
    ###################################
    - name: check if instance already exists
      include_role:
        name: start_stop_terminate
        tasks_from: find_instance_id

    ###################################
    # if exists     when: instance.instances | count == 1
    # try update using ec2_instance module
    ###################################
    - name: try to modify the ec2 instance
      ec2_instance:
        state: present
        name: "{{ ec2_template }}"
        instance_ids: "{{ instance.instances[0].instance_id }}"
        security_groups: "{{ security_group }}"
        cpu_credit_specification: "{{ cpu_credit_specification }}"
        ebs_optimized: "{{ ebs_optimized }}"
        detailed_monitoring: "{{ detailed_monitoring }}"
        purge_tags: no
      when: instance.instances | count == 1
---
instance_type: t2.medium
cpu_credit_specification: standard
ebs_optimized: no
detailed_monitoring: no
security_group: 
  - default
  - something_other
EXPECTED RESULTS

cc @ryansb

In case of instance.instances[0].security_groups != security_groups it should apply the changes.

TASK [try to modify the ec2 instance] ********************************************************************************************************************************************************
changed: [localhost]

Basically is must be aws ec2 modify-instance-attribute --groups <list of {{security_groups}} --instance-id <instance_id>

ACTUAL RESULTS

No changes are detected and nothing happen.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant