ec2_vpc doesn't create subnets correctly

[ryannealmes]

Issue Type:
Bug Report

Ansible Version:
From Source
Master
ansible 2.1.0

Ansible Configuration:
Not changes

Environment:
Mac OSX Yosimite

Summary:
The ec2_vpc module seems to be broken. Subnet creation is no longer idempotent and it seems to be overwriting things incorrectly. I have narrowed the issue down to the following commit. I am trying to resolve the issue, but I haven't done too much python.

Steps to reproduce:
I am creating a VPC in AWS using Ansible. The following play is run

- name: create vpc with multi-az subnets
  ec2_vpc:
    region: "{{ region }}"
    cidr_block: "{{ vpc_cidr_block }}"
    resource_tags: '{"Name":"{{ prefix }}_vpc"}'
    subnets:
      - cidr: "{{ vpc_cidr_subnet_public_0 }}"
        az: "{{ region }}{{ availability_zone_0 }}"
        resource_tags: '{"Name":"{{ prefix }}_subnet_public_0", "Class":"web", "Partner":prefix }'
      - cidr: "{{ vpc_cidr_subnet_private_0 }}"
        az: "{{ region }}{{ availability_zone_0 }}"
        resource_tags: '{"Name":"{{ prefix }}_subnet_private_0", "Class":"db", "Partner":prefix }'
      - cidr: "{{ vpc_cidr_subnet_private_1 }}"
        az: "{{ region }}{{ availability_zone_1 }}"
        resource_tags: '{"Name":"{{ prefix }}_subnet_private_1", "Class":"db", "Partner":prefix }'
    internet_gateway: yes
    route_tables:
      - subnets:
        - "{{ vpc_cidr_subnet_public_0 }}"
        routes:
          - dest: 0.0.0.0/0
            gw: igw
    wait: yes
  register: vpc

First time around this creates everything perfectly. Second time around, I expect it to not do anything as everything has been created, however, the public subnet is updated to a private one.

Here are the variables:

---
region: eu-west-1
prefix: staging
vpc_environment: staging
vpc_cidr_block: 20.0.0.0/16
vpc_cidr_subnet_public_0: 20.0.0.0/24
vpc_cidr_subnet_private_0: 20.0.1.0/24
vpc_cidr_subnet_private_1: 20.0.2.0/24
availability_zone_0: b
availability_zone_1: c

Also just to clarify on what change is happening. All the resource tags of the one subnet (public) are being overwritten with the tags of another subnet (private).

I have narrowed this down to the following commit.

[ryannealmes]

Adding @autotune as he worked on the commit.

[autotune]

@ryannealmes

Hey Ryan,

Thanks for the heads up. I will look into replicating this issue and fixing as soon as I have time available. Will also keep this thread updated as I look into it and see where we can go from here.

[ryannealmes]

@autotune I have already submitted a PR. The code is good, just needed to be indented.

[davidecerri]

Any updates on this.

[ryannealmes]

It was merged into ansible:devel - #2931

[filipenf]

This bug may mess with the entire subnet tagging of the user. I experienced myself using v2.0.1.0-1, fortunately did on an isolated vpc.

It would be nice if we could release this one ASAP

[thaumos]

Same as #3123. Fixed by #2931

[abadger]

Thanks everyone. Closing as fixed in devel (will be 2.1.0) via #2931