Struggling to make ec2_vpc Idempotent

50 views

Skip to first unread message

Ryan Mes

unread,

Feb 1, 2016, 8:19:10 AM2/1/16

to Ansible Project

I am creating a VPC in AWS using Ansible. The following play is run

- name: create vpc with multi-az subnets
  ec2_vpc:
    region: "{{ region }}"
    cidr_block: "{{ vpc_cidr_block }}"
    resource_tags: '{"Name":"{{ prefix }}_vpc"}'
    subnets:
      - cidr: "{{ vpc_cidr_subnet_public_0 }}"
        az: "{{ region }}{{ availability_zone_0 }}"
        resource_tags: '{"Name":"{{ prefix }}_subnet_public_0", "Class":"web", "Partner":prefix }'
      - cidr: "{{ vpc_cidr_subnet_private_0 }}"
        az: "{{ region }}{{ availability_zone_0 }}"
        resource_tags: '{"Name":"{{ prefix }}_subnet_private_0", "Class":"db", "Partner":prefix }'
      - cidr: "{{ vpc_cidr_subnet_private_1 }}"
        az: "{{ region }}{{ availability_zone_1 }}"
        resource_tags: '{"Name":"{{ prefix }}_subnet_private_1", "Class":"db", "Partner":prefix }'
    internet_gateway: yes
    route_tables:
      - subnets:
        - "{{ vpc_cidr_subnet_public_0 }}"
        routes:
          - dest: 0.0.0.0/0
            gw: igw
    wait: yes
  register: vpc

First time around this creates everything perfectly. Second time around, I expect it to not do anything as everything has been created, however, the public subnet is updated to a private one.

Why? What am I doing wrong?

Feel free to answer/help with this question here or on stackoverflow - http://stackoverflow.com/questions/35125292/cant-figure-out-why-subnet-is-being-updated

Arbab Nazar

unread,

Feb 2, 2016, 2:12:29 AM2/2/16

to Ansible Project

can you please check this, I hope it will help you.

https://github.com/arbabnazar/ansible-aws-roles/blob/master/roles/vpc/tasks/main.yml#L3

Reply all

Reply to author

Forward

0 new messages