In Ansible, how do I use the ec2_group module to query if a security group exists, and then check for the result?


ZillaYT

Aug 29, 2016, 1:56:47 PM
to Ansible Project
I'm trying to write a role that queries a security group if it exists, and then creates it if not. So I manually created the security group first via the AWS GUI.

Then I tried the following for the query.

- name: Query if security group exits
  ec2_group: name="my_test_sg" description="Test SG" region="us-east-1"
  register: sg_query

But I get the following

TASK [security_group : Query if the the security group exists] *****************
fatal: [10.22.9.27]: FAILED! => {"changed": false, "failed": true, "module_stderr": "", "module_stdout": "Traceback (most recent call last):\r\n  File \"/tmp/ansible_jGKApb/ansible_module_ec2_group.py\", line 472, in <module>\r\n    main()\r\n  File \"/tmp/ansible_jGKApb/ansible_module_ec2_group.py\", line 271, in main\r\n    for curGroup in ec2.get_all_security_groups():\r\n  File \"/usr/lib/python2.7/site-packages/boto/ec2/connection.py\", line 2984, in get_all_security_groups\r\n    [('item', SecurityGroup)], verb='POST')\r\n  File \"/usr/lib/python2.7/site-packages/boto/connection.py\", line 1186, in get_list\r\n    raise self.ResponseError(response.status, response.reason, body)\r\nboto.exception.EC2ResponseError: EC2ResponseError: 403 Forbidden\r\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n<Response><Errors><Error><Code>UnauthorizedOperation</Code><Message>You are not authorized to perform this operation.</Message></Error></Errors><RequestID>5b101381-5d4f-43f0-b225-7a042e6151cf</RequestID></Response>\r\n", "msg": "MODULE FAILURE", "parsed": false}


It looks like it's trying to create the security group. Any clues?


Thanks.

ZillaYT

Aug 29, 2016, 2:37:47 PM
to Ansible Project
Essentially, I want to do this in Ansible

aws ec2 describe-security-groups --filters Name=group-name,Values=sg_ansible_test --query 'SecurityGroups[*].{Name:GroupName}'
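
Added example, not part of the thread: a read-only lookup followed by a conditional create. It assumes a current `amazon.aws` collection (the `ec2_security_group_info` and `ec2_security_group` modules, which postdate this thread) and reuses the group name, description and region from the first post. The traceback above stops inside `get_all_security_groups()`, which is the describe call, so the comments note which IAM action each task needs.

```yaml
- name: Check for a security group and create it only if missing
  hosts: localhost
  connection: local
  gather_facts: false
  vars:
    sg_name: my_test_sg      # group name from the post
    sg_region: us-east-1     # region from the post
  tasks:
    # Read-only lookup, the module equivalent of
    # "aws ec2 describe-security-groups --filters Name=group-name,...".
    # The credentials need the IAM action ec2:DescribeSecurityGroups;
    # without it AWS answers 403 UnauthorizedOperation.
    - name: Query the security group by name
      amazon.aws.ec2_security_group_info:
        region: "{{ sg_region }}"
        filters:
          group-name: "{{ sg_name }}"
      register: sg_query

    # security_groups is an empty list when nothing matches the filter.
    - name: Report whether the group exists
      ansible.builtin.debug:
        msg: "{{ sg_name }} exists: {{ sg_query.security_groups | length > 0 }}"

    # Runs only when the lookup found nothing. This task additionally
    # needs ec2:CreateSecurityGroup, so a role that only audits can
    # stop after the lookup and keep read-only credentials.
    - name: Create the security group when it is missing
      amazon.aws.ec2_security_group:
        name: "{{ sg_name }}"
        description: "Test SG"
        region: "{{ sg_region }}"
      when: sg_query.security_groups | length == 0
```

The `group-name` filter matches across every VPC in the region; adding a `vpc-id` filter narrows the lookup to one VPC.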

