add functionality to delete role resources

roles/ec2_instance_create/README.md

@@ -10,6 +10,12 @@ This role also supports the creation of optional networking resources, such as a
 
 The following variables can be set in the role to customize EC2 instance creation and networking configurations:
 
+### Role operation
+
+* **ec2_instance_create_operation**: (Required)
+  Whether to create or delete resources using the role. Default is `create`.
+  Choices are `create` and `delete`.
+
 ### EC2 Instance Configuration
 
 * **ec2_instance_create_aws_region**: (Required)

roles/ec2_instance_create/meta/argument_specs.yml

@@ -7,6 +7,13 @@ argument_specs:
       - Optionally can create a security group and associate an Elastic IP with the instance.
       - Supports custom configurations for instance settings, including instance type, AMI, key pair, tags, VPC/subnet, and networking configurations.
     options:
+      ec2_instance_create_operation:
+        description:
+          - Whether to create or delete resources using the role.
+        required: false
+        type: str
+        default: create
+        choices: [create, delete]
       ec2_instance_create_aws_region:
         description:
           - The AWS region in which to create the EC2 instance.

roles/ec2_instance_create/tasks/ec2_instance_create_operations.yml

@@ -0,0 +1,93 @@
+---
+- name: Verify that the instance and security group with same name does not exist
+  block:
+    - name: Get instane info with provided name
+      amazon.aws.ec2_instance_info:
+        region: "{{ ec2_instance_create_aws_region }}"
+        filters:
+          tag:Name: "{{ ec2_instance_create_instance_name }}"
+          instance-state-name: ["running"]
+      register: ec2_info_result
+
+    - name: Print warning and exit
+      ansible.builtin.fail:
+        msg: "Instance with name {{ ec2_instance_create_instance_name }} already exists in {{ ec2_instance_create_aws_region }}. 
+              Please provide different name to avoid updating instance."
+      when: ec2_info_result.instances | length >= 1
+
+- name: Create EC2 instance with provided configuration
+  amazon.aws.ec2_instance:
+    region: "{{ ec2_instance_create_aws_region }}"
+    name: "{{ ec2_instance_create_instance_name }}"
+    instance_type: "{{ ec2_instance_create_instance_type }}"
+    image_id: "{{ ec2_instance_create_ami_id }}"
+    key_name: "{{ ec2_instance_create_key_name }}"
+    vpc_subnet_id: "{{ ec2_instance_create_vpc_subnet_id }}"
+    security_group: "{{ ec2_instance_create_external_sg_id | default(omit) }}"
+    tags: "{{ ec2_instance_create_tags | default(omit) }}"
+    wait: "{{ ec2_instance_create_wait_for_boot }}"
+  register: ec2_instance
+
+- name: Create security group if enabled
+  when: ec2_instance_create_associate_external_sg is true
+  block:
+    - name: Define security group
+      amazon.aws.ec2_security_group:
+        name: "{{ ec2_instance_create_external_sg_name | default('ec2_instance_create-default-external-sg') }}"
+        description: "{{ ec2_instance_create_external_sg_description | default('Security group for external access') }}"
+        vpc_id: "{{ ec2_instance_create_vpc_id }}"
+        rules: "{{ ec2_instance_create_external_sg_rules }}"
+        tags: "{{ ec2_instance_create_sg_tags | default(omit) }}"
+      register: ec2_group_creation
+
+    - name: Associate security group with EC2 instance
+      amazon.aws.ec2_instance:
+        instance_ids:
+          - "{{ ec2_instance.instance_ids[0] }}"
+        security_groups:
+          - "{{ ec2_instance_create_external_sg_name | default('ec2_instance_create-default-external-sg') }}"
+        vpc_subnet_id: "{{ ec2_instance_create_vpc_subnet_id }}"
+      register: ec2_instance_associate_external_sg
+
+- name: Create and Attach Internet Gateway if enabled
+  when: ec2_instance_create_associate_igw is true
+  block:
+    - name: Create an Internet Gateway
+      amazon.aws.ec2_vpc_igw:
+        region: "{{ ec2_instance_create_aws_region }}"
+        vpc_id: "{{ ec2_instance_create_vpc_id }}"
+        state: present
+        tags: "{{ ec2_instance_create_igw_tags | default(omit) }}"
+      register: internet_gateway
+
+    - name: Modify the route table to route internet traffic to Internet Gateway
+      amazon.aws.ec2_vpc_route_table:
+        region: "{{ ec2_instance_create_aws_region }}"
+        vpc_id: "{{ ec2_instance_create_vpc_id }}"
+        routes:
+          - dest: "0.0.0.0/0"
+            gateway_id: "{{ internet_gateway.gateway_id }}"
+        state: present
+
+- name: Create and associate Elastic IP if enabled
+  when: ec2_instance_create_associate_eip is true
+  block:
+    - name: Allocate and associate Elastic IP
+      amazon.aws.ec2_eip:
+        device_id: "{{ ec2_instance.instance_ids[0] }}"
+        state: present
+        release_on_disassociation: true
+        tags: "{{ ec2_instance_create_eip_tags | default(omit) }}"
+      register: instance_eip
+
+- name: Get EC2 instance info
+  amazon.aws.ec2_instance_info:
+    instance_ids: "{{ ec2_instance.instance_ids[0] }}"
+    region: "{{ ec2_instance_create_aws_region }}"
+  register: _ec2_instance
+
+- name: Output details of the created EC2 instance
+  ansible.builtin.debug:
+    msg:
+      - "EC2 instance {{ ec2_instance.instance_ids[0] }} created successfully"
+      - "Instance details: {{ _ec2_instance.instances[0] }}"

roles/ec2_instance_create/tasks/ec2_instance_delete_operations.yml

@@ -0,0 +1,24 @@
+---
+- name: Terminate EC2 instance
+  amazon.aws.ec2_instance:
+    region: "{{ ec2_instance_create_aws_region }}"
+    name: "{{ ec2_instance_create_instance_name }}"
+    instance_type: "{{ ec2_instance_create_instance_type }}"
+    image_id: "{{ ec2_instance_create_ami_id }}"
+    key_name: "{{ ec2_instance_create_key_name }}"
+    vpc_subnet_id: "{{ ec2_instance_create_vpc_subnet_id }}"
+    security_group: "{{ ec2_instance_create_external_sg_id | default(omit) }}"
+    tags: "{{ ec2_instance_create_tags | default(omit) }}"
+    wait: "{{ ec2_instance_create_wait_for_boot }}"
+    state: absent
+
+- name: Delete security group if created
+  amazon.aws.ec2_security_group:
+    name: "{{ ec2_instance_create_external_sg_name | default('ec2_instance_create-default-external-sg') }}"
+    state: absent
+
+- name: Detach and delete Internet Gateway if created
+  amazon.aws.ec2_vpc_igw:
+    region: "{{ ec2_instance_create_aws_region }}"
+    vpc_id: "{{ ec2_instance_create_vpc_id }}"
+    state: absent

roles/ec2_instance_create/tasks/main.yml

@@ -1,96 +1,13 @@
 ---
-- name: Run 'ec2_instance_create' role
+- name: EC2 Instance creation or deletion based on operation
   module_defaults:
     group/aws: "{{ aws_setup_credentials__output }}"
-  block:
-    - name: Verify that the instance and security group with same name does not exist
-      block:
-        - name: Get instane info with provided name
-          amazon.aws.ec2_instance_info:
-            region: "{{ ec2_instance_create_aws_region }}"
-            filters:
-              tag:Name: "{{ ec2_instance_create_instance_name }}"
-          register: ec2_info_result
-
-        - name: Print warning and exit
-          ansible.builtin.fail:
-            msg: "Instance with name {{ ec2_instance_create_instance_name }} already exists in {{ ec2_instance_create_aws_region }}. 
-                  Please provide different name to avoid updating instance."
-          when: ec2_info_result.instances | length >= 1
-
-    - name: Create EC2 instance with provided configuration
-      amazon.aws.ec2_instance:
-        region: "{{ ec2_instance_create_aws_region }}"
-        name: "{{ ec2_instance_create_instance_name }}"
-        instance_type: "{{ ec2_instance_create_instance_type }}"
-        image_id: "{{ ec2_instance_create_ami_id }}"
-        key_name: "{{ ec2_instance_create_key_name }}"
-        vpc_subnet_id: "{{ ec2_instance_create_vpc_subnet_id }}"
-        security_group: "{{ ec2_instance_create_external_sg_id | default(omit) }}"
-        tags: "{{ ec2_instance_create_tags | default(omit) }}"
-        wait: "{{ ec2_instance_create_wait_for_boot }}"
-      register: ec2_instance
-
-    - name: Create security group if enabled
-      when: ec2_instance_create_associate_external_sg is true
-      block:
-        - name: Define security group
-          amazon.aws.ec2_security_group:
-            name: "{{ ec2_instance_create_external_sg_name | default('ec2_instance_create-default-external-sg') }}"
-            description: "{{ ec2_instance_create_external_sg_description | default('Security group for external access') }}"
-            vpc_id: "{{ ec2_instance_create_vpc_id }}"
-            rules: "{{ ec2_instance_create_external_sg_rules }}"
-            tags: "{{ ec2_instance_create_sg_tags | default(omit) }}"
-          register: ec2_group_creation
-
-        - name: Associate security group with EC2 instance
-          amazon.aws.ec2_instance:
-            instance_ids:
-              - "{{ ec2_instance.instance_ids[0] }}"
-            security_groups:
-              - "{{ ec2_instance_create_external_sg_name | default('ec2_instance_create-default-external-sg') }}"
-            vpc_subnet_id: "{{ ec2_instance_create_vpc_subnet_id }}"
-          register: ec2_instance_associate_external_sg
 
-    - name: Create and Attach Internet Gateway if enabled
-      when: ec2_instance_create_associate_igw is true
-      block:
-        - name: Create an Internet Gateway
-          amazon.aws.ec2_vpc_igw:
-            region: "{{ ec2_instance_create_aws_region }}"
-            vpc_id: "{{ ec2_instance_create_vpc_id }}"
-            state: present
-            tags: "{{ ec2_instance_create_igw_tags | default(omit) }}"
-          register: internet_gateway
-
-        - name: Modify the route table to route internet traffic to Internet Gateway
-          amazon.aws.ec2_vpc_route_table:
-            region: "{{ ec2_instance_create_aws_region }}"
-            vpc_id: "{{ ec2_instance_create_vpc_id }}"
-            routes:
-              - dest: "0.0.0.0/0"
-                gateway_id: "{{ internet_gateway.gateway_id }}"
-            state: present
-
-    - name: Create and associate Elastic IP if enabled
-      when: ec2_instance_create_associate_eip is true
-      block:
-        - name: Allocate and associate Elastic IP
-          amazon.aws.ec2_eip:
-            device_id: "{{ ec2_instance.instance_ids[0] }}"
-            state: present
-            release_on_disassociation: true
-            tags: "{{ ec2_instance_create_eip_tags | default(omit) }}"
-          register: instance_eip
-
-    - name: Get EC2 instance info
-      amazon.aws.ec2_instance_info:
-        instance_ids: "{{ ec2_instance.instance_ids[0] }}"
-        region: "{{ ec2_instance_create_aws_region }}"
-      register: _ec2_instance
+  block:
+    - name: Include create operations
+      include_tasks: ec2_instance_create_operations.yml
+      when: ec2_instance_create_operation == 'create'
 
-    - name: Output details of the created EC2 instance
-      ansible.builtin.debug:
-        msg:
-          - "EC2 instance {{ ec2_instance.instance_ids[0] }} created successfully"
-          - "Instance details: {{ _ec2_instance.instances[0] }}"
+    - name: Include delete operations
+      include_tasks: ec2_instance_delete_operations.yml
+      when: ec2_instance_create_operation == 'delete'

tests/integration/targets/test_ec2_instance_create/tasks/test_ec2_only.yml

@@ -4,6 +4,7 @@
     ansible.builtin.include_role:
       name: cloud.aws_ops.ec2_instance_create
     vars:
+      ec2_instance_create_operation: create
       ec2_instance_create_aws_region: "{{ aws_region }}"
       ec2_instance_create_instance_name: "only-ec2-{{ resource_prefix }}"
       ec2_instance_create_instance_type: "{{ ec2_instance_type }}"

tests/integration/targets/test_ec2_instance_create/tasks/test_ec2_with_igw_sg_eip.yml

@@ -4,6 +4,7 @@
     ansible.builtin.include_role:
       name: cloud.aws_ops.ec2_instance_create
     vars:
+      ec2_instance_create_operation: create
       ec2_instance_create_aws_region: "{{ aws_region }}"
       ec2_instance_create_instance_name: "ec2-all-enabled-{{ resource_prefix }}"
       ec2_instance_create_instance_type: "{{ ec2_instance_type }}"