add functionality to associate existing sg with instane during creation

redhat-cop · Nov 21, 2024 · dad97f8 · dad97f8
1 parent c8aa0d3
commit dad97f8
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 5 deletions.
diff --git a/roles/ec2_instance_create/README.md b/roles/ec2_instance_create/README.md
@@ -30,6 +30,9 @@ The following variables can be set in the role to customize EC2 instance creatio
 * **ec2_instance_create_vpc_subnet_id**: (Required)
   The ID of the VPC subnet in which the instance will be launched.
 
+* **ec2_instance_create_external_sg**: (Optional)
+  The ID of the security group to be associated with EC2 instance.
+
 * **ec2_instance_create_tags**: (Optional)
   A dictionary of tags to assign to the EC2 instance.
 
@@ -63,7 +66,7 @@ The following variables can be set in the role to customize EC2 instance creatio
   If set to `true`, a security group will be created or associated with the instance.
 
 * **ec2_instance_create_external_sg_name**: (Optional)
-  The name of the security group to create. Default is `default-external-sg`.
+  The name of the security group to create. Default is `ec2_instance_create-default-external-sg`.
 
 * **ec2_instance_create_external_sg_description**: (Optional)
   A description for the security group. Default is `Security group for external access`.

diff --git a/roles/ec2_instance_create/defaults/main.yml b/roles/ec2_instance_create/defaults/main.yml
@@ -3,7 +3,7 @@ ec2_instance_create_associate_eip: false
 ec2_instance_create_associate_external_sg: false
 ec2_instance_create_associate_igw: false
 ec2_instance_create_external_sg_description: "Security group for external access"
-ec2_instance_create_external_sg_name: "default-external-sg"
+ec2_instance_create_external_sg_name: "ec2_instance_create-default-external-sg"
 ec2_instance_create_wait_for_boot: true
 ec2_instance_create_external_sg_rules:
   - proto: tcp

diff --git a/roles/ec2_instance_create/meta/argument_specs.yml b/roles/ec2_instance_create/meta/argument_specs.yml
@@ -64,7 +64,7 @@ argument_specs:
         description:
           - The name of the security group to create.
         required: false
-        default: "default-external-sg"
+        default: "ec2_instance_create-default-external-sg"
         type: str
       ec2_instance_create_external_sg_description:
         description:

diff --git a/roles/ec2_instance_create/tasks/main.yml b/roles/ec2_instance_create/tasks/main.yml
@@ -11,6 +11,8 @@
         image_id: "{{ ec2_instance_create_ami_id }}"
         key_name: "{{ ec2_instance_create_key_name }}"
         vpc_subnet_id: "{{ ec2_instance_create_vpc_subnet_id }}"
+        security_groups:
+              - "{{ ec2_instance_create_external_sg | default(omit) }}"
         tags: "{{ ec2_instance_create_tags | default(omit) }}"
         wait: "{{ ec2_instance_create_wait_for_boot }}"
       register: ec2_instance
@@ -20,7 +22,7 @@
       block:
         - name: Define security group
           amazon.aws.ec2_security_group:
-            name: "{{ ec2_instance_create_external_sg_name | default('default-external-sg') }}"
+            name: "{{ ec2_instance_create_external_sg_name | default('ec2_instance_create-default-external-sg') }}"
             description: "{{ ec2_instance_create_external_sg_description | default('Security group for external access') }}"
             vpc_id: "{{ ec2_instance_create_vpc_id }}"
             rules: "{{ ec2_instance_create_external_sg_rules }}"
@@ -32,7 +34,7 @@
             instance_ids:
               - "{{ ec2_instance.instance_ids[0] }}"
             security_groups:
-              - "{{ ec2_instance_create_external_sg_name | default('default-external-sg') }}"
+              - "{{ ec2_instance_create_external_sg_name | default('ec2_instance_create-default-external-sg') }}"
             vpc_subnet_id: "{{ ec2_instance_create_vpc_subnet_id }}"
           register: ec2_instance_associate_external_sg