Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

elb_application_lb with empty security groups list behaves inconsistently on create/update #10

Closed
briantist opened this issue Mar 21, 2020 · 1 comment
Closed

elb_application_lb with empty security groups list behaves inconsistently on create/update #10

briantist opened this issue Mar 21, 2020 · 1 comment

Comments

@briantist
Copy link
Contributor

briantist commented Mar 21, 2020
edited

SUMMARY

elb_application_lb requires the security_groups option when state=present as explained in the docs (although it also says that the default is [] which seems useless since it won't accept the option being omitted).

When creating a new ALB and supplying security_groups: [] explicitly, the ALB is created successfully with the VPC default SG.

Running the same task again will fail with the error that the security_groups option is missing,

I'm not sure if this is reproducible outside of a VPC since I'm not sure there is such a thing as a default SG in that case.

ISSUE TYPE
  • Bug Report
COMPONENT NAME

elb_application_lb

ANSIBLE VERSION

2.9.6

CONFIGURATION
OS / ENVIRONMENT
STEPS TO REPRODUCE
    - elb_application_lb:
        region: "us-east-1"
        name: "repro-delete"
        state: "present"
        subnets: "{{ my_subnets }}"
        listeners:
          - Protocol: HTTP
            Port: 80
            DefaultActions:
              - Type: forward
                TargetGroupName: repro-group-us-east-1a
        scheme: internal
        security_groups: []
        wait: yes
      register: alb
      loop: [1, 2]
EXPECTED RESULTS

ALB is created, then second run is ok.

(an acceptable result might also be that the first run fails with an invalid option value, but that does preclude the possibility of using a "default" SG)

ACTUAL RESULTS

Second run fails.

fatal: [localhost]: FAILED! => {"changed": false, "msg": "state is present but all of the following are missing: security_groups"}
@briantist briantist mentioned this issue Apr 7, 2020
Closed
@briantist
Copy link
Contributor Author

Closed in favor of ansible-collections/community.aws#28

abikouo pushed a commit to abikouo/amazon.aws that referenced this issue Oct 24, 2023
@jillr
Shippable fixes (ansible-collections#10)
1879b43 
Re-enable change detection, fixed in ansible-test in ansible/ansible#68352
Fix smoketest logic; duplicate fix from ansible/ansible/pull/67683
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@briantist