From 6f207ec1b77bcee134df9e51d59215e8e6a948c7 Mon Sep 17 00:00:00 2001
From: Taeho Park <113317744+taehopark32@users.noreply.github.com>
Date: Tue, 4 Jul 2023 08:17:04 -0400
Subject: [PATCH] ec2_vpc_nat_gateway show fails if EIP doesn't exist (#1604)
ec2_vpc_nat_gateway show fails if EIP doesn't exist
SUMMARY Fixes #1295 ISSUE TYPE Bugfix Pull Request COMPONENT NAME plugins/modules/ec2_vpc_nat_gateway ADDITIONAL INFORMATION
Reviewed-by: Jill R
Reviewed-by: Bikouo Aubin
Reviewed-by: Alina Buzachis
Reviewed-by: Mike Graves
---
 ...1604-c2_vpc_nat_gateway-fails-silently.yml | 3 ++
 plugins/modules/ec2_vpc_nat_gateway.py | 36 +++++++++++++++-
 .../ec2_vpc_nat_gateway/tasks/main.yml | 41 +++++++++++++++++++
 3 files changed, 78 insertions(+), 2 deletions(-)
 create mode 100644 changelogs/fragments/1604-c2_vpc_nat_gateway-fails-silently.yml
diff --git a/changelogs/fragments/1604-c2_vpc_nat_gateway-fails-silently.yml b/changelogs/fragments/1604-c2_vpc_nat_gateway-fails-silently.yml
new file mode 100644
index 00000000000..e72d9944607
--- /dev/null
+++ b/changelogs/fragments/1604-c2_vpc_nat_gateway-fails-silently.yml
@@ -0,0 +1,3 @@
+---
+bugfixes:
+- ec2_vpc_nat_gateway - adding a boolean parameter called ``default_create`` to allow users to have the option to choose whether they want to display an error message or create a NAT gateway when an EIP address is not found. The module (ec2_vpc_nat_gateway) had incorrectly failed silently if EIP didn't exist (https://github.com/ansible-collections/amazon.aws/issues/1295).
\ No newline at end of file
diff --git a/plugins/modules/ec2_vpc_nat_gateway.py b/plugins/modules/ec2_vpc_nat_gateway.py
index 34f4fde632d..3586a98806e 100644
--- a/plugins/modules/ec2_vpc_nat_gateway.py
+++ b/plugins/modules/ec2_vpc_nat_gateway.py
@@ -75,6 +75,16 @@
 When specifying this option, ensure you specify the eip_address parameter as well otherwise any subsequent runs will fail.
 type: str
+ default_create:
+ description:
+ - When I(default_create=True) and I(eip_address) has been set, but not yet
+ allocated, the NAT gateway is created and a new EIP is automatically allocated.
+ - When I(default_create=False) and I(eip_address) has been set, but not yet
+ allocated, the module will fail.
+ - If I(eip_address) has not been set, this parameter has no effect.
+ default: false
+ type: bool
+ version_added: 6.2.0
 author:
 - Allen Sanabria (@linuxdynasty)
 - Jon Hadfield (@jonhadfield)
@@ -660,6 +670,7 @@ def pre_create(
 wait=False,
 client_token=None,
 connectivity_type="public",
+ default_create=False,
 ):
 """Create an Amazon NAT Gateway.
 Args:
@@ -681,6 +692,8 @@ def pre_create(
 default = False
 client_token (str):
 default = None
+ default_create (bool): create a NAT gateway even if EIP address is not found.
+ default = False
 Basic Usage:
 >>> client = boto3.client('ec2')
@@ -745,9 +758,25 @@ def pre_create(
 elif eip_address or allocation_id:
 if eip_address and not allocation_id:
 allocation_id, msg = get_eip_allocation_id_by_address(client, module, eip_address)
- if not allocation_id:
+ if not allocation_id and not default_create:
 changed = False
- return changed, msg, dict()
+ module.fail_json(msg=msg)
+ elif not allocation_id and default_create:
+ eip_address = None
+ return pre_create(
+ client,
+ module,
+ subnet_id,
+ tags,
+ purge_tags,
+ allocation_id,
+ eip_address,
+ if_exist_do_not_create,
+ wait,
+ client_token,
+ connectivity_type,
+ default_create,
+ )
 existing_gateways, allocation_id_exists = gateway_in_subnet_exists(client, module, subnet_id, allocation_id)
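Review bot: The `default_create` description in the DOCUMENTATION hunk (-75,6) never states that the gateway then comes up on a different public address than the one given in I(eip_address), which matters to anyone whose upstream firewall rules or allowlists are keyed on that address. I would add a bullet such as `- The requested I(eip_address) is ignored in this case and the gateway uses the newly allocated address.` so the trade-off is visible where the option is chosen.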
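Review bot: In the `default_create` fallback branch of `pre_create` (hunk -745,9) the requested `eip_address` is discarded and a new EIP is allocated with no signal to the operator, so a mistyped address silently yields a gateway with an unexpected egress IP and an extra allocation. Emitting the lookup message first, e.g. `module.warn(msg)` before `eip_address = None`, keeps the substitution visible in the task output. Two smaller points: `changed = False` looks dead now that it is followed by `module.fail_json`, which does not return, and the recursive `pre_create(...)` call passes twelve positional arguments that would misbind silently if the signature were reordered, so keyword arguments would be safer. Whether repeated runs of the fallback are idempotent depends on the no-EIP branch outside this hunk and is worth confirming. `pre_create` begins and ends outside the hunk.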
@@ -870,6 +899,7 @@ def main():
 client_token=dict(type="str", no_log=False),
 tags=dict(required=False, type="dict", aliases=["resource_tags"]),
 purge_tags=dict(default=True, type="bool"),
+ default_create=dict(type="bool", default=False),
 )
 module = AnsibleAWSModule(
@@ -891,6 +921,7 @@ def main():
 if_exist_do_not_create = module.params.get("if_exist_do_not_create")
 tags = module.params.get("tags")
 purge_tags = module.params.get("purge_tags")
+ default_create = module.params.get("default_create")
 try:
 client = module.client("ec2", retry_decorator=AWSRetry.jittered_backoff())
@@ -913,6 +944,7 @@ def main():
 wait,
 client_token,
 connectivity_type,
+ default_create,
 )
 else:
 changed, msg, results = remove(client, module, nat_gateway_id, wait, release_eip, connectivity_type)
diff --git a/tests/integration/targets/ec2_vpc_nat_gateway/tasks/main.yml b/tests/integration/targets/ec2_vpc_nat_gateway/tasks/main.yml
index 4007d2014a8..d0b519d3d1e 100644
--- a/tests/integration/targets/ec2_vpc_nat_gateway/tasks/main.yml
+++ b/tests/integration/targets/ec2_vpc_nat_gateway/tasks/main.yml
@@ -411,6 +411,47 @@
 - create_ngw.vpc_id == vpc_id
+ # ============================================================
+ - name: Create new NAT gateway when eip_address is invalid and create_default is true
+ ec2_vpc_nat_gateway:
+ subnet_id: '{{ subnet_id }}'
+ eip_address: "192.0.2.1"
+ state: present
+ wait: yes
+ default_create: true
+ register: _nat_gateway
+
+ - name:
+ assert:
+ that:
+ - _nat_gateway.changed
+ - '"create_time" in _nat_gateway'
+ - '"nat_gateway_addresses" in _nat_gateway'
+ - '"nat_gateway_id" in _nat_gateway'
+ - _nat_gateway.nat_gateway_id.startswith("nat-")
+ - '"state" in _nat_gateway'
+ - _nat_gateway.state == 'available'
+ - '"subnet_id" in _nat_gateway'
+ - _nat_gateway.subnet_id == subnet_id
+ - '"tags" in _nat_gateway'
+ - '"vpc_id" in _nat_gateway'
+ - _nat_gateway.vpc_id == vpc_id
+
+ - name: Fail when eip_address is invalid and create_default is false
+ ec2_vpc_nat_gateway:
+ subnet_id: '{{ subnet_id }}'
+ eip_address: "192.0.2.1"
+ state: present
+ wait: yes
+ register: _fail_nat_gateway
+ ignore_errors: true
+
+ - name: Assert fail because eip_address is invalid
+ assert:
+ that:
+ _fail_nat_gateway.msg == "EIP 192.0.2.1 does not exist"
+
+
 # ============================================================
 - name: Fetch NAT gateway by ID (list)
 ec2_vpc_nat_gateway_info:
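Review bot: The negative test at the end of this hunk asserts only the `msg` text, and the removed `return changed, msg, dict()` suggests the pre-fix module likely returned that same string without failing, so the test may not distinguish fixed from unfixed behaviour. Turn `that:` into a list and add `- _fail_nat_gateway is failed` alongside the message check. The two task names say `create_default` while the option is `default_create`, and the first assert task has an empty `name:`. The positive test could also pin that an address was really allocated, e.g. `- _nat_gateway.nat_gateway_addresses | length > 0`; whether the gateway it creates is cleaned up later is not visible from this hunk.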