I still don't see support for this with Ansible 2.4. What is puzzling is that terraform supports this, and I would debate that terraform is a newer automation tool in the environment.
I have submitted a feature request here. https://github.com/ansible/ansible/issues/31383 The method I use to work around this limitation is just... well ugly. On Saturday, January 9, 2016 at 2:13:40 AM UTC-5, Joel Thompson wrote: > > I'd love this, and I've thought of doing the same thing myself. The tricky > thing is that, at least when I looked at it, boto2 didn't support targeting > a prefix list in security groups, so it would have to be done through > boto3. The current stance of Ansible is that it's fine to require boto3 for > features in modules when those features aren't available in boto2, but that > the module should work just fine if the feature which requires boto3 isn't > requested and boto3 is not installed. And the way the current code is > structured, it felt like it would be very messy to try to do that > "surgically" so I never got around to doing it. It might be best to just > include two different implementations, one with boto3 and one with boto2, > rather than try to surgically fit boto3 in there. > > --Joel > > On Fri, Jan 8, 2016 at 5:15 PM Josh Smift <j...@care.com <javascript:>> > wrote: > >> It looks like you can't specify a prefix list in a security group rule in >> ec2_group, which you might want to do if you have egress rules and want to >> allow access to S3. (To put a finer point on it, *we* want to do this, >> because we have egress rules, and want to include a rule that allows >> access to S3, via the S3 prefix list. :^) >> >> Would this be a desirable addition to the ec2_group module? >> >> -Josh (j...@care.com <javascript:>) >> >> >> >> >> >> This email is intended for the person(s) to whom it is addressed and may >> contain information that is PRIVILEGED or CONFIDENTIAL. Any unauthorized >> use, distribution, copying, or disclosure by any person other than the >> addressee(s) is strictly prohibited. If you have received this email in >> error, please notify the sender immediately by return email and delete the >> message and any attachments from your system. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Development" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to ansible-deve...@googlegroups.com <javascript:>. >> For more options, visit https://groups.google.com/d/optout. >> > -- You received this message because you are subscribed to the Google Groups "Ansible Development" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-devel+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
