[cloud] ec2_vpc_peer should remove peering connections (#20113)

Don't try to create tags on a vpc that you've just removed.

Avoids

```
 "msg": "An error occurred (InvalidParameterValue) when calling the CreateTags operation: You must specify one or more tags to create"
```

Although not quite sure why the `create_tags` was being called
as `module.params.get('tags')` *should* have returned `None`.

1 files changed, 61 insertions, 35 deletions

diff --git a/lib/ansible/modules/cloud/amazon/ec2_vpc_peer.py b/lib/ansible/modules/cloud/amazon/ec2_vpc_peer.py
index 38ef37b008..2472f0eedf 100755
--- a/lib/ansible/modules/cloud/amazon/ec2_vpc_peer.py
+++ b/lib/ansible/modules/cloud/amazon/ec2_vpc_peer.py
@@ -13,6 +13,7 @@
 #
 # You should have received a copy of the GNU General Public License
 # along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
+
 ANSIBLE_METADATA = {'status': ['stableinterface'],
                     'supported_by': 'committer',
                     'version': '1.0'}
@@ -192,13 +193,14 @@ task:
   type: dictionary
 '''
 
+from ansible.module_utils.basic import AnsibleModule
+from ansible.module_utils.ec2 import boto3_conn, ec2_argument_spec
+from ansible.module_utils.ec2 import get_aws_connection_info, HAS_BOTO3
+
 try:
-    import json
     import botocore
-    import boto3
-    HAS_BOTO3 = True
 except ImportError:
-    HAS_BOTO3 = False
+    pass  # caught by imported HAS_BOTO3
 
 
 def tags_changed(pcx_id, client, module):
@@ -224,15 +226,19 @@ def tags_changed(pcx_id, client, module):
 
 
 def describe_peering_connections(params, client):
-    result = client.describe_vpc_peering_connections(Filters=[
-        {'Name': 'requester-vpc-info.vpc-id', 'Values': [params['VpcId']]},
-        {'Name': 'accepter-vpc-info.vpc-id', 'Values': [params['PeerVpcId']]}
-        ])
+    result = client.describe_vpc_peering_connections(
+        Filters=[
+            {'Name': 'requester-vpc-info.vpc-id', 'Values': [params['VpcId']]},
+            {'Name': 'accepter-vpc-info.vpc-id', 'Values': [params['PeerVpcId']]}
+        ]
+    )
     if result['VpcPeeringConnections'] == []:
-        result = client.describe_vpc_peering_connections(Filters=[
-            {'Name': 'requester-vpc-info.vpc-id', 'Values': [params['PeerVpcId']]},
-            {'Name': 'accepter-vpc-info.vpc-id', 'Values': [params['VpcId']]}
-            ])
+        result = client.describe_vpc_peering_connections(
+            Filters=[
+                {'Name': 'requester-vpc-info.vpc-id', 'Values': [params['PeerVpcId']]},
+                {'Name': 'accepter-vpc-info.vpc-id', 'Values': [params['VpcId']]}
+            ]
+        )
     return result
 
 
@@ -272,6 +278,28 @@ def create_peer_connection(client, module):
         module.fail_json(msg=str(e))
 
 
+def remove_peer_connection(client, module):
+    pcx_id = module.params.get('peering_id')
+    params = dict()
+    if not pcx_id:
+        params['VpcId'] = module.params.get('vpc_id')
+        params['PeerVpcId'] = module.params.get('peer_vpc_id')
+        if module.params.get('peer_owner_id'):
+            params['PeerOwnerId'] = str(module.params.get('peer_owner_id'))
+        params['DryRun'] = module.check_mode
+        peering_conns = describe_peering_connections(params, client)
+        if not peering_conns:
+            module.exit_json(changed=False)
+        else:
+            pcx_id = peering_conns['VpcPeeringConnections'][0]['VpcPeeringConnectionId']
+    try:
+        params['VpcPeeringConnectionId'] = pcx_id
+        client.delete_vpc_peering_connection(**params)
+        module.exit_json(changed=True)
+    except botocore.exceptions.ClientError as e:
+        module.fail_json(msg=str(e))
+
+
 def peer_status(client, module):
     params = dict()
     params['VpcPeeringConnectionIds'] = [module.params.get('peering_id')]
@@ -279,19 +307,17 @@ def peer_status(client, module):
     return vpc_peering_connection['VpcPeeringConnections'][0]['Status']['Code']
 
 
-def accept_reject_delete(state, client, module):
+def accept_reject(state, client, module):
     changed = False
     params = dict()
     params['VpcPeeringConnectionId'] = module.params.get('peering_id')
     params['DryRun'] = module.check_mode
-    invocations = {
-        'accept': client.accept_vpc_peering_connection,
-        'reject': client.reject_vpc_peering_connection,
-        'absent': client.delete_vpc_peering_connection
-    }
-    if state == 'absent' or peer_status(client, module) != 'active':
+    if peer_status(client, module) != 'active':
         try:
-            invocations[state](**params)
+            if state == 'accept':
+                client.accept_vpc_peering_connection(**params)
+            else:
+                client.reject_vpc_peering_connection(**params)
             if module.params.get('tags'):
                 create_tags(params['VpcPeeringConnectionId'], client, module)
             changed = True
@@ -334,38 +360,38 @@ def find_pcx_by_id(pcx_id, client, module):
 
 def main():
     argument_spec = ec2_argument_spec()
-    argument_spec.update(dict(
-        vpc_id=dict(),
-        peer_vpc_id=dict(),
-        peering_id=dict(),
-        peer_owner_id=dict(),
-        tags=dict(required=False, type='dict'),
-        profile=dict(),
-        state=dict(default='present', choices=['present', 'absent', 'accept', 'reject'])
+    argument_spec.update(
+        dict(
+            vpc_id=dict(),
+            peer_vpc_id=dict(),
+            peering_id=dict(),
+            peer_owner_id=dict(),
+            tags=dict(required=False, type='dict'),
+            profile=dict(),
+            state=dict(default='present', choices=['present', 'absent', 'accept', 'reject'])
         )
     )
     module = AnsibleModule(argument_spec=argument_spec)
 
     if not HAS_BOTO3:
         module.fail_json(msg='json, botocore and boto3 are required.')
-    state = module.params.get('state').lower()
+    state = module.params.get('state')
     try:
         region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True)
-        client = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_kwargs)
+        client = boto3_conn(module, conn_type='client', resource='ec2',
+                            region=region, endpoint=ec2_url, **aws_connect_kwargs)
     except botocore.exceptions.NoCredentialsError as e:
         module.fail_json(msg="Can't authorize connection - "+str(e))
 
     if state == 'present':
         (changed, results) = create_peer_connection(client, module)
         module.exit_json(changed=changed, peering_id=results)
+    elif state == 'absent':
+        remove_peer_connection(client, module)
     else:
-        (changed, results) = accept_reject_delete(state, client, module)
+        (changed, results) = accept_reject(state, client, module)
         module.exit_json(changed=changed, peering_id=results)
 
 
-# import module snippets
-from ansible.module_utils.basic import *
-from ansible.module_utils.ec2 import *
-
 if __name__ == '__main__':
     main()