How to change the configuration of ec2_group?

[Ming Hu]

Hi

I have a simple playbook which create a security group on AWS

- name: Create cc



  hosts: localhost

  tasks:

    - name: Create security group

      ec2_group:

        name: cc

        description: Security group for cc

        region: ap-northeast-1

        state: absent

        rules:

          - proto: tcp

            from_port: 80

            to_port: 80

            cidr_ip: 0.0.0.0/0

          - proto: tcp

            from_port: 22

            to_port: 22

            cidr_ip: 0.0.0.0/0

How can I change the configuration of this security group?

It seems that I can only write another playbook to delete it first, then create another one with the same name.

And if this security group is used by another ec2 instance, I need to delete the instance too. This seems so un-friendly.

What's the best practice here to change the configuration of one ec2-security group? I think this problem also happens on other ec2 related modules.