From dad97f8d52f34e3f54669dcd2907b7c96da0bd88 Mon Sep 17 00:00:00 2001
From: Mandar Kulkarni
Date: Thu, 21 Nov 2024 12:48:54 -0800
Subject: [PATCH] add functionality to associate existing sg with instane during creation
---
 roles/ec2_instance_create/README.md | 5 ++++-
 roles/ec2_instance_create/defaults/main.yml | 2 +-
 roles/ec2_instance_create/meta/argument_specs.yml | 2 +-
 roles/ec2_instance_create/tasks/main.yml | 6 ++++--
 4 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/roles/ec2_instance_create/README.md b/roles/ec2_instance_create/README.md
index facef86..2ec6144 100644
--- a/roles/ec2_instance_create/README.md
+++ b/roles/ec2_instance_create/README.md
@@ -30,6 +30,9 @@ The following variables can be set in the role to customize EC2 instance creatio
 * **ec2_instance_create_vpc_subnet_id**: (Required)
 The ID of the VPC subnet in which the instance will be launched.
+* **ec2_instance_create_external_sg**: (Optional)
+ The ID of the security group to be associated with EC2 instance.
+
 * **ec2_instance_create_tags**: (Optional)
 A dictionary of tags to assign to the EC2 instance.
@@ -63,7 +66,7 @@ The following variables can be set in the role to customize EC2 instance creatio
 If set to `true`, a security group will be created or associated with the instance.
 * **ec2_instance_create_external_sg_name**: (Optional)
- The name of the security group to create. Default is `default-external-sg`.
+ The name of the security group to create. Default is `ec2_instance_create-default-external-sg`.
 * **ec2_instance_create_external_sg_description**: (Optional)
 A description for the security group. Default is `Security group for external access`.
diff --git a/roles/ec2_instance_create/defaults/main.yml b/roles/ec2_instance_create/defaults/main.yml
index 7f32c30..59aef90 100644
--- a/roles/ec2_instance_create/defaults/main.yml
+++ b/roles/ec2_instance_create/defaults/main.yml
@@ -3,7 +3,7 @@ ec2_instance_create_associate_eip: false
 ec2_instance_create_associate_external_sg: false
 ec2_instance_create_associate_igw: false
 ec2_instance_create_external_sg_description: "Security group for external access"
-ec2_instance_create_external_sg_name: "default-external-sg"
+ec2_instance_create_external_sg_name: "ec2_instance_create-default-external-sg"
 ec2_instance_create_wait_for_boot: true
 ec2_instance_create_external_sg_rules:
 - proto: tcp
diff --git a/roles/ec2_instance_create/meta/argument_specs.yml b/roles/ec2_instance_create/meta/argument_specs.yml
index 2790dac..4bd8b60 100644
--- a/roles/ec2_instance_create/meta/argument_specs.yml
+++ b/roles/ec2_instance_create/meta/argument_specs.yml
@@ -64,7 +64,7 @@ argument_specs:
 description:
 - The name of the security group to create.
 required: false
- default: "default-external-sg"
+ default: "ec2_instance_create-default-external-sg"
 type: str
 ec2_instance_create_external_sg_description:
 description:
diff --git a/roles/ec2_instance_create/tasks/main.yml b/roles/ec2_instance_create/tasks/main.yml
index 713e5cb..b7e704c 100644
--- a/roles/ec2_instance_create/tasks/main.yml
+++ b/roles/ec2_instance_create/tasks/main.yml
@@ -11,6 +11,8 @@
 image_id: "{{ ec2_instance_create_ami_id }}"
 key_name: "{{ ec2_instance_create_key_name }}"
 vpc_subnet_id: "{{ ec2_instance_create_vpc_subnet_id }}"
+ security_groups:
+ - "{{ ec2_instance_create_external_sg | default(omit) }}"
 tags: "{{ ec2_instance_create_tags | default(omit) }}"
 wait: "{{ ec2_instance_create_wait_for_boot }}"
 register: ec2_instance
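Review bot: `default(omit)` inside a list element of the new `security_groups:` argument does not omit the argument. On ansible-core versions that drop the omit placeholder only from argument values, not from list items, leaving `ec2_instance_create_external_sg` unset passes the placeholder string as a group, so the launch is likely to fail even though the README marks the variable optional. Build the whole value instead: `security_groups: "{{ [ec2_instance_create_external_sg] if ec2_instance_create_external_sg is defined else omit }}"`. The variable is also not added to `meta/argument_specs.yml` in this commit, so it gets no type check; an entry with `type: str` and `required: false` would cover it. The task begins above this hunk, so its module line is not visible here.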
@@ -20,7 +22,7 @@
 block:
 - name: Define security group
 amazon.aws.ec2_security_group:
- name: "{{ ec2_instance_create_external_sg_name | default('default-external-sg') }}"
+ name: "{{ ec2_instance_create_external_sg_name | default('ec2_instance_create-default-external-sg') }}"
 description: "{{ ec2_instance_create_external_sg_description | default('Security group for external access') }}"
 vpc_id: "{{ ec2_instance_create_vpc_id }}"
 rules: "{{ ec2_instance_create_external_sg_rules }}"
@@ -32,7 +34,7 @@
 instance_ids:
 - "{{ ec2_instance.instance_ids[0] }}"
 security_groups:
- - "{{ ec2_instance_create_external_sg_name | default('default-external-sg') }}"
+ - "{{ ec2_instance_create_external_sg_name | default('ec2_instance_create-default-external-sg') }}"
 vpc_subnet_id: "{{ ec2_instance_create_vpc_subnet_id }}"
 register: ec2_instance_associate_external_sg
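Review bot: The `security_groups:` list in the association task (last hunk) names only the role-created group, so an instance launched with `ec2_instance_create_external_sg` may lose that group when `ec2_instance_create_associate_external_sg` is also true, assuming the module sets the instance's groups to exactly this list. If both groups should stay attached, pass them together, e.g. `security_groups: "{{ [ec2_instance_create_external_sg_name] + ([ec2_instance_create_external_sg] if ec2_instance_create_external_sg is defined else []) }}"`; otherwise state in the README that the two options are mutually exclusive. The `| default('ec2_instance_create-default-external-sg')` fallback here and in the preceding hunk repeats the value already set in `defaults/main.yml` and could be dropped so the name lives in one place. The task starts above the hunk, so its `when:` condition is not visible.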