parent: 3bf114fa | patch | commit | ignore whitespace
Guillaume Coré
2019-04-29 761a0db4bee409bc2dc605411a178b7e66f345a0 
infra-ec2-ssh-key: add a variable to delete the key first

This commit, if applied, will introduce a new variable infra_ec2_ssh_key_force
that defaults to false.
If set to true, the key will first be deleted remotely.
2 files modified
14 ■■■■■ changed files
ansible/roles/infra-ec2-ssh-key/defaults/main.yml 2 ●●●●● patch | view | raw | blame | history
ansible/roles/infra-ec2-ssh-key/tasks/main.yml 12 ●●●●● patch | view | raw | blame | history 
 ansible/roles/infra-ec2-ssh-key/defaults/main.yml


@@ -1,3 +1,5 @@


---


output_dir: /tmp/output_dir


key_name: temporary_opentlc




infra_ec2_ssh_key_force: false




 ansible/roles/infra-ec2-ssh-key/tasks/main.yml


@@ -19,7 +19,17 @@




- when: not stat_infra_ssh_key.stat.exists


  block:


    - name: Create OPENTLC backdoor key


    - name: Delete OPENTLC infra key


      when: infra_ec2_ssh_key_force | bool


      environment:


        AWS_ACCESS_KEY_ID: "{{ aws_access_key_id }}"


        AWS_SECRET_ACCESS_KEY: "{{ aws_secret_access_key }}"


        AWS_REGION: "{{ aws_region }}"


      ec2_key:


        name: "{{ key_name }}"


        state: absent




    - name: Create OPENTLC infra key


      environment:


        AWS_ACCESS_KEY_ID: "{{ aws_access_key_id }}"


        AWS_SECRET_ACCESS_KEY: "{{ aws_secret_access_key }}"