From d13d7e94043564049318b904cbc2bd7ea1a137b4 Mon Sep 17 00:00:00 2001 From: Will Thames Date: Fri, 8 Dec 2017 06:17:45 +1000 Subject: Fail when attempting to modify unmodifiable target group parameters (#33246) * Fail when attempting to modify unmodifiable target group parameters As you can't modify Port, Protocol or VPC id for a target group, fail when this happens rather than pretending to do it. One could argue that the target group could be recreated rather than failing, but this has massive knock on implications to other resources that depend on the TG (all ASGs would need to be updated, the ELB listener would need to be updated, etc) * Use `.get()` instead of direct dictionary access --- lib/ansible/modules/cloud/amazon/elb_target_group.py | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'lib/ansible/modules/cloud/amazon') diff --git a/lib/ansible/modules/cloud/amazon/elb_target_group.py b/lib/ansible/modules/cloud/amazon/elb_target_group.py index 7b43b89b1d..5042bf37ae 100644 --- a/lib/ansible/modules/cloud/amazon/elb_target_group.py +++ b/lib/ansible/modules/cloud/amazon/elb_target_group.py @@ -384,6 +384,11 @@ def create_or_update_target_group(connection, module): tg = get_target_group(connection, module) if tg: + diffs = [param for param in ('Port', 'Protocol', 'VpcId') + if tg.get(param) != params.get(param)] + if diffs: + module.fail_json(msg="Cannot modify %s parameter(s) for a target group" % + ", ".join(diffs)) # Target group exists so check health check parameters match what has been passed health_check_params = dict() -- cgit v1.2.1