ansible/test/integration/targets/ec2_instance/tasks/termination_protection.yml

110 lines
3.9 KiB
YAML
Raw Normal View History

- block:
- name: set connection information for all tasks
set_fact:
aws_connection_info: &aws_connection_info
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token }}"
region: "{{ aws_region }}"
no_log: true
- name: Make termination-protected instance in the testing subnet created in the test VPC
ec2_instance:
name: "{{ resource_prefix }}-test-protected-instance-in-vpc"
image_id: "{{ ec2_ami_image[aws_region] }}"
tags:
TestId: "{{ resource_prefix }}"
security_groups: "{{ sg.group_id }}"
vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}"
termination_protection: true
instance_type: t2.micro
state: running
wait: yes
<<: *aws_connection_info
register: in_test_vpc
- name: Make termination-protected instance in the testing subnet created in the test VPC(check mode)
ec2_instance:
name: "{{ resource_prefix }}-test-protected-instance-in-vpc-checkmode"
image_id: "{{ ec2_ami_image[aws_region] }}"
tags:
TestId: "{{ resource_prefix }}"
security_groups: "{{ sg.group_id }}"
vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}"
termination_protection: true
instance_type: t2.micro
<<: *aws_connection_info
check_mode: yes
- name: "fact presented ec2 instance"
ec2_instance_info:
filters:
"tag:Name": "{{ resource_prefix }}-test-protected-instance-in-vpc"
"instance-state-name": "running"
<<: *aws_connection_info
register: presented_instance_fact
- name: "fact checkmode ec2 instance"
ec2_instance_info:
filters:
"tag:Name": "{{ resource_prefix }}-test-protected-instance-in-vpc-checkmode"
<<: *aws_connection_info
register: checkmode_instance_fact
- name: "Confirm whether the check mode is working normally."
assert:
that:
- "{{ presented_instance_fact.instances | length }} > 0"
- "'{{ presented_instance_fact.instances.0.state.name }}' in ['running', 'pending']"
- "{{ checkmode_instance_fact.instances | length }} == 0"
- name: Try to terminate the instance
ec2_instance:
state: absent
name: "{{ resource_prefix }}-test-protected-instance-in-vpc"
image_id: "{{ ec2_ami_image[aws_region] }}"
tags:
TestId: "{{ resource_prefix }}"
security_groups: "{{ sg.group_id }}"
vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}"
termination_protection: true
instance_type: t2.micro
<<: *aws_connection_info
register: bad_terminate
ignore_errors: yes
- name: Cannot terminate protected instance
assert:
that:
- bad_terminate is failed
- name: Alter termination protection setting
ec2_instance:
name: "{{ resource_prefix }}-test-protected-instance-in-vpc"
image_id: "{{ ec2_ami_image[aws_region] }}"
vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}"
termination_protection: false
instance_type: t2.micro
<<: *aws_connection_info
- name: Try to terminate the instance again (should work)
ec2_instance:
name: "{{ resource_prefix }}-test-protected-instance-in-vpc"
image_id: "{{ ec2_ami_image[aws_region] }}"
vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}"
instance_type: t2.micro
state: absent
wait: false
<<: *aws_connection_info
register: terminate_results
- assert:
that: terminate_results is not failed
always:
- name: Terminate instance
ec2_instance:
filters:
tag:TestId: "{{ resource_prefix }}"
state: absent
wait: false
<<: *aws_connection_info
register: result
ignore_errors: yes