cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Adds support for purge_rules. Similar to how ec2_elb_lb does with zones

Browse source
This commit is contained in:
Mike Buzzetti 2014-05-28 14:19:29 -04:00 committed by Michael DeHaan
parent d0205b2878
commit bc1ad708dd
1 changed files with 43 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
library/cloud/ec2_group
View file

@ -45,6 +45,20 @@ options:
default: 'present'
choices: [ "present", "absent" ]
aliases: []
purge_rules:
version_added: "1.7"
description:
- Purge existing rules on security group that are not found in rules
required: false
default: 'true'
aliases: []
purge_rules_egress:
version_added: "1.7"
description:
- Purge existing rules_egree on security group that are not found in rules_egress
required: false
default: 'true'
aliases: []
extends_documentation_fragment: aws
@ -164,6 +178,9 @@ def main():
rules=dict(),
rules_egress=dict(),
state = dict(default='present', choices=['present', 'absent']),
purge_rules=dict(default=True, required=False, type='bool'),
purge_rules_egress=dict(default=True, required=False, type='bool'),
)
)
module = AnsibleModule(
@ -177,6 +194,8 @@ def main():
rules = module.params['rules']
rules_egress = module.params['rules_egress']
state = module.params.get('state')
purge_rules = module.params['purge_rules']
purge_rules_egress = module.params['purge_rules_egress']
changed = False
@ -274,7 +293,8 @@ def main():
changed = True
# Finally, remove anything left in the groupRules -- these will be defunct rules
for rule in groupRules.itervalues():
if purge_rules:
for rule in groupRules.itervalues() :
for grant in rule.grants:
grantGroup = None
if grant.group_id:
@ -338,6 +358,7 @@ def main():
del groupRules[default_egress_rule]
# Finally, remove anything left in the groupRules -- these will be defunct rules
if purge_rules_egress:
for rule in groupRules.itervalues():
for grant in rule.grants:
grantGroup = None