ansible-community
Minor issues with default create/destroy template
There are several issues arising from @jgoldschrafe 's excellent work on the create/destroy templates.
Sorry for the poor form in dumping these all together, however they are mostly fairly simple and I expect they will all be fixed in a batch.
These were actually found against the version in PR ansible-community/molecule-ec2#43 but do not arise from that PR. I didn't see any reason to use or report against a version which already had a number of fixes applied.
The openssh_keypair call uses the regenerate parameter which was added to community.crypto v1.0.0. This breaks Ansible 2.9.
The security group rules are created based on the default_ssh_port (22) not the port specified in the platform ssh_port parameter.
The public_key_path option is not used anywhere and should be removed.
When key_inject_method is cloud-init ssh_user sets the user to be used. When key_inject_method is ec2 it is advisory, merely configuring the inventory.
selecting a vpc using vpc_filters is not used when selecting a subnet
the results of the subnet selection, vpc_subnet_info, are used in multiple places downstream but it is not populated if a subnet is explicitly specified. This is particularly complex if the subnet is explicity specified but the VPC is not, the security group creation requires the vpc from the subnet.
in destroy.yml, ec2_vpc_subnet_info is missing the region specifier
additional:
The platform filter during instance creation doesn't filter based on state. So a terminated instance will count as existing causing the creation to skip improperly.
The AWS_PROFILE environment variable is used in create to set the default_aws_profile variable.
My understanding is that this isn't needed. If it is omitted it falls back to boto3, which uses AWS_PROFILE as its first option.
Removing this would just remove complications.