cloudformation: Fix bug when updating stack's termination_protection …

…with create_changeset set (ansible-collections#2391) SUMMARY Fixes ansible-collections#2149 Fix bug where termination protection is not updated when create_changeset=true is used for stack updates ISSUE TYPE Bugfix Pull Request COMPONENT NAME cloudformation ADDITIONAL INFORMATION Reviewed-by: Helen Bailey <[email protected]> Reviewed-by: Bikouo Aubin Reviewed-by: GomathiselviS <[email protected]>
mandar242 · Dec 19, 2024 · 86b9182 · 86b9182
1 parent 6712ec6
commit 86b9182
Show file tree

Hide file tree

Showing 6 changed files with 225 additions and 79 deletions.
diff --git a/changelogs/fragments/2391-cloudformation-update-stack-termination_protection.yml b/changelogs/fragments/2391-cloudformation-update-stack-termination_protection.yml
@@ -0,0 +1,3 @@
+---
+bugfixes:
+  - cloudformation - Fix bug where termination protection is not updated when create_changeset=true is used for stack updates (https://github.com/ansible-collections/amazon.aws/pull/2391).
diff --git a/plugins/modules/cloudformation.py b/plugins/modules/cloudformation.py
@@ -514,6 +514,7 @@ def update_stack(module, stack_params, cfn, events_limit):
 
 def update_termination_protection(module, cfn, stack_name, desired_termination_protection_state):
     """updates termination protection of a stack"""
+    changed = False
     stack = get_stack_facts(module, cfn, stack_name)
     if stack:
         if stack["EnableTerminationProtection"] is not desired_termination_protection_state:
@@ -523,8 +524,10 @@ def update_termination_protection(module, cfn, stack_name, desired_termination_p
                     EnableTerminationProtection=desired_termination_protection_state,
                     StackName=stack_name,
                 )
+                changed = True
             except botocore.exceptions.ClientError as e:
                 module.fail_json_aws(e)
+    return changed
 
 
 def stack_operation(module, cfn, stack_name, operation, events_limit, op_token=None):
@@ -779,14 +782,17 @@ def main():
     if state == "present":
         if not stack_info:
             result = create_stack(module, stack_params, cfn, module.params.get("events_limit"))
-        elif module.params.get("create_changeset"):
-            result = create_changeset(module, stack_params, cfn, module.params.get("events_limit"))
         else:
+            changeset_updated = False
+            if module.params.get("create_changeset"):
+                result = create_changeset(module, stack_params, cfn, module.params.get("events_limit"))
+                changeset_updated = True
             if module.params.get("termination_protection") is not None:
-                update_termination_protection(
+                result["changed"] = update_termination_protection(
                     module, cfn, stack_params["StackName"], bool(module.params.get("termination_protection"))
                 )
-            result = update_stack(module, stack_params, cfn, module.params.get("events_limit"))
+            if not changeset_updated:
+                result = update_stack(module, stack_params, cfn, module.params.get("events_limit"))
 
         # format the stack output
 

diff --git a/tests/integration/targets/cloudformation/defaults/main.yml b/tests/integration/targets/cloudformation/defaults/main.yml
@@ -2,6 +2,7 @@
 stack_name: "{{ resource_prefix }}"
 stack_name_disable_rollback_true: "{{ resource_prefix }}-drb-true"
 stack_name_disable_rollback_false: "{{ resource_prefix }}-drb-false"
+stack_name_update_termination_protection: "{{ resource_prefix }}-update-tp"
 
 availability_zone: "{{ ec2_availability_zone_names[0] }}"