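---
# Integration tests for the iam_saml_federation module.
#
# Flow: create -> update -> delete an IAM SAML identity provider. Each step is
# run first in check mode and then for real, and is then repeated to confirm
# that it is idempotent (a retry reports no change).
#
# The whole run is one block so that the `always` section removes the provider
# even when an assertion fails part-way through.
- module_defaults:
    # Credentials and region are supplied by test variables; nothing is
    # hard-coded in this file. security_token is omitted when it is not
    # defined.
    group/aws:
      region: "{{ aws_region }}"
      aws_access_key: "{{ aws_access_key }}"
      aws_secret_key: "{{ aws_secret_key }}"
      security_token: "{{ security_token | default(omit) }}"
  collections:
    - amazon.aws
  block:
    # ============================================================
    # TESTS

    # Create

    - name: Create the identity provider (check-mode)
      iam_saml_federation:
        name: '{{ provider_name }}'
        state: present
        saml_metadata_document: '{{ lookup("file", "example1.xml") }}'
      register: create_result
      check_mode: true
    - name: assert changed
      assert:
        that:
          - create_result is changed

    - name: Create the identity provider
      iam_saml_federation:
        name: '{{ provider_name }}'
        state: present
        saml_metadata_document: '{{ lookup("file", "example1.xml") }}'
      register: create_result
    - name: assert idp created
      assert:
        that:
          - create_result is changed
          - "'saml_provider' in create_result"
          - "'arn' in create_result.saml_provider"
          - create_result.saml_provider.arn.startswith("arn:aws")
          - create_result.saml_provider.arn.endswith(provider_name)
          - "'create_date' in create_result.saml_provider"
          - "'expire_date' in create_result.saml_provider"
          - "'metadata_document' in create_result.saml_provider"

    - name: Test that nothing changes when we retry (check_mode)
      iam_saml_federation:
        name: '{{ provider_name }}'
        state: present
        saml_metadata_document: '{{ lookup("file", "example1.xml") }}'
      register: create_result
      check_mode: true
    - name: assert the idp doesn't change when we retry
      assert:
        that:
          - create_result is not changed

    - name: Test that nothing changes when we retry
      iam_saml_federation:
        name: '{{ provider_name }}'
        state: present
        saml_metadata_document: '{{ lookup("file", "example1.xml") }}'
      register: create_result
    - name: assert the idp doesn't change when we retry
      assert:
        that:
          - create_result is not changed
          - "'saml_provider' in create_result"
          - "'arn' in create_result.saml_provider"
          - create_result.saml_provider.arn.startswith("arn:aws")
          - create_result.saml_provider.arn.endswith(provider_name)
          - "'create_date' in create_result.saml_provider"
          - "'expire_date' in create_result.saml_provider"
          - "'metadata_document' in create_result.saml_provider"

    # Update
    #
    # The assertions in this section inspect change_result, the value
    # registered by the update tasks. Checking create_result here would only
    # re-test the earlier create step and would not notice an update that
    # returned an incomplete saml_provider.

    - name: Change the identity provider (check_mode)
      iam_saml_federation:
        name: '{{ provider_name }}'
        state: present
        saml_metadata_document: '{{ lookup("file", "example2.xml") }}'
      register: change_result
      check_mode: true
    - name: assert idp changed
      assert:
        that:
          - change_result is changed

    - name: Change the identity provider
      iam_saml_federation:
        name: '{{ provider_name }}'
        state: present
        saml_metadata_document: '{{ lookup("file", "example2.xml") }}'
      register: change_result
    - name: assert idp changed
      assert:
        that:
          - change_result is changed
          - "'saml_provider' in change_result"
          - "'arn' in change_result.saml_provider"
          - change_result.saml_provider.arn.startswith("arn:aws")
          - change_result.saml_provider.arn.endswith(provider_name)
          - "'create_date' in change_result.saml_provider"
          - "'expire_date' in change_result.saml_provider"
          - "'metadata_document' in change_result.saml_provider"

    - name: Test that nothing changes when we retry (check_mode)
      iam_saml_federation:
        name: '{{ provider_name }}'
        state: present
        saml_metadata_document: '{{ lookup("file", "example2.xml") }}'
      register: change_result
      check_mode: true
    - name: assert the idp doesn't change when we retry
      assert:
        that:
          - change_result is not changed

    - name: Test that nothing changes when we retry
      iam_saml_federation:
        name: '{{ provider_name }}'
        state: present
        saml_metadata_document: '{{ lookup("file", "example2.xml") }}'
      register: change_result
    - name: assert the idp doesn't change when we retry
      assert:
        that:
          - change_result is not changed
          - "'saml_provider' in change_result"
          - "'arn' in change_result.saml_provider"
          - change_result.saml_provider.arn.startswith("arn:aws")
          - change_result.saml_provider.arn.endswith(provider_name)
          - "'create_date' in change_result.saml_provider"
          - "'expire_date' in change_result.saml_provider"
          - "'metadata_document' in change_result.saml_provider"

    # delete

    - name: Delete the identity provider (check_mode)
      iam_saml_federation:
        name: '{{ provider_name }}'
        state: absent
      register: destroy_result
      check_mode: true
    - name: assert changed
      assert:
        that:
          - destroy_result is changed

    - name: Delete the identity provider
      iam_saml_federation:
        name: '{{ provider_name }}'
        state: absent
      register: destroy_result
    - name: assert deleted
      assert:
        that:
          - destroy_result is changed

    - name: Attempt to re-delete the identity provider (check_mode)
      iam_saml_federation:
        name: '{{ provider_name }}'
        state: absent
      register: destroy_result
      check_mode: true
    - name: assert deleted
      assert:
        that:
          - destroy_result is not changed

    - name: Attempt to re-delete the identity provider
      iam_saml_federation:
        name: '{{ provider_name }}'
        state: absent
      register: destroy_result
    - name: assert deleted
      assert:
        that:
          - destroy_result is not changed

  always:
    # ============================================================
    # CLEAN-UP
    #
    # Runs whether or not the tests above passed. A SAML provider left behind
    # in the account is a standing federation trust entry, so it is removed
    # here unconditionally rather than relying on the delete tests.
    - name: finish off by deleting the identity provider
      iam_saml_federation:
        name: '{{ provider_name }}'
        state: absent
      register: destroy_result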