partha sarathi
Reputation: 11
Ansible ec2_eni module. How to add additional security_groups for an ec2_eni interface?
I am trying add additional security_groups to my existing ec2_ENIs. The module ec2_eni seems like non idempotent. When I add a new security group using ec2_eni module it removes the existing groups and adds only the group I have mentioned in the playbook.
So the option left for me is to get the existing ec2_eni_facts and upate it as a fact. Problem with this approach is the values are coming in nested arrays like below example. How to get the security groups alone as a fact?
Ansible version 2.5.1
Playbook:
---
- hosts: ansiblecontroller
gather_facts: false
connection: local
user: root
tasks:
- ec2_eni_facts:
filters:
network-interface-id: "eni-xxxxxxxxxxxx"
register: enifacts
- debug: msg="{{ enifacts }}"
- name: set empty list
set_fact:
name1: "ENI1"
grouplist: []
fact1: []
parthas: []
security_groups: []
- name: set empty list
set_fact:
fact1: "{{ enifacts | json_query('network_interfaces[*].groups[*]') }}"
grouplist: "{{ grouplist }} + [ '{{ name1 }}' ]"
- debug: msg="{{ grouplist }}"
- debug: msg="{{ fact1 }}"
Result:
TASK [debug] ************************************************************************************************************************************************
ok: [10.21.10.155] => {
"msg": "[u'ENI1'] + [ '[[{u'group_id': u'sg-0bf33819021de5d15', u'group_name': u'default'}, {u'group_id': u'sg-008569a91671d5090', u'group_name': u'Lab4-INTRA-VPC-Subnet-Traffic'}]]' ]"
}
TASK [debug] ************************************************************************************************************************************************
ok: [10.21.10.155] => {
"msg": [
[
{
"group_id": "sg-0bf33819021de5d15",
"group_name": "default"
},
{
"group_id": "sg-008569a91671d5090",
"group_name": "Lab4-INTRA-VPC-Subnet-Traffic"
}
]
]
}
Upvotes: 1
Views: 245
Answers (1)
sushrut619
Reputation: 1004
Will this not work for you if you provide it with parameters associated with your EIP? https://docs.ansible.com/ansible/2.5/modules/ec2_group_facts_module.html#ec2-group-facts-module
Upvotes: 0
Related Questions
- AWS: When specifying a security group to an instance, is its ENI specified the security group under the hood?
- How can I get the security group id associated with an ec2 instance using ansible
- How do you add tags to AWS security groups through Ansible?
- Connect EC2 instance to Target Group using Ansible
- Ansible to create aws security group and add to instance
- Ansible EC2 with security groups across VPC peering connections
- How to add a temporary rule to an EC2 security group with Ansible
- Add a security group to running instance using Ansible
- Ansible AWS EC2 security group not updated
- How do I add or remove security groups from ENIs using Boto?