First pass at ec2 module tests

test/integration/roles/setup_ec2/tasks/common.yml

@@ -0,0 +1,119 @@
+---
+
+# ============================================================
+- name: test with no parameters
+  action: "{{module_name}}"
+  register: result
+  ignore_errors: true
+
+- name: assert failure when called with no parameters
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg == "missing required arguments: name"'
+
+# ============================================================
+- name: test with only name
+  action: "{{module_name}} name={{ec2_key_name}}"
+  register: result
+  ignore_errors: true
+
+- name: assert failure when called with only 'name'
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg == "Either region or ec2_url must be specified"'
+
+# ============================================================
+- name: test invalid region parameter
+  action: "{{module_name}} name='{{ec2_key_name}}' region='asdf querty 1234'"
+  register: result
+  ignore_errors: true
+
+- name: assert invalid region parameter
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg.startswith("value of region must be one of:")'
+
+# ============================================================
+- name: test valid region parameter
+  action: "{{module_name}} name='{{ec2_key_name}}' region='{{ec2_region}}'"
+  register: result
+  ignore_errors: true
+
+- name: assert valid region parameter
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg.startswith("No handler was ready to authenticate.")'
+
+# ============================================================
+- name: test environment variable EC2_REGION
+  action: "{{module_name}} name='{{ec2_key_name}}'"
+  environment:
+    EC2_REGION: '{{ec2_region}}'
+  register: result
+  ignore_errors: true
+
+- name: assert environment variable EC2_REGION
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg.startswith("No handler was ready to authenticate.")'
+
+# ============================================================
+- name: test invalid ec2_url parameter
+  action: "{{module_name}} name='{{ec2_key_name}}'"
+  environment:
+    EC2_URL: bogus.example.com
+  register: result
+  ignore_errors: true
+
+- name: assert invalid ec2_url parameter
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg.startswith("No handler was ready to authenticate.")'
+
+# ============================================================
+- name: test valid ec2_url parameter
+  action: "{{module_name}} name='{{ec2_key_name}}'"
+  environment:
+    EC2_URL: '{{ec2_url}}'
+  register: result
+  ignore_errors: true
+
+- name: assert valid ec2_url parameter
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg.startswith("No handler was ready to authenticate.")'
+
+# ============================================================
+- name: test credentials from environment
+  action: "{{module_name}} name='{{ec2_key_name}}'"
+  environment:
+    EC2_REGION: '{{ec2_region}}'
+    EC2_ACCESS_KEY: bogus_access_key
+    EC2_SECRET_KEY: bogus_secret_key
+  register: result
+  ignore_errors: true
+
+- name: assert ec2_key with valid ec2_url
+  assert:
+    that:
+       - 'result.failed'
+       - '"EC2ResponseError: 401 Unauthorized" in result.msg'
+
+# ============================================================
+- name: test credential parameters
+  action: "{{module_name}} name='{{ec2_key_name}}' ec2_region='{{ec2_region}}' ec2_access_key=bogus_access_key ec2_secret_key=bogus_secret_key"
+  register: result
+  ignore_errors: true
+
+- name: assert credential parameters
+  assert:
+    that:
+       - 'result.failed'
+       - '"EC2ResponseError: 401 Unauthorized" in result.msg'

test/integration/roles/setup_ec2/tasks/main.yml

@@ -0,0 +1,55 @@
+# common setup tasks for ec2 module tests
+# (c) 2014, James Laska <jlaska@ansible.com>
+
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
+
+- name: generate random string
+  shell: python -c "import string,random; print ''.join(random.choice(string.ascii_lowercase) for _ in xrange(8));"
+  register: random_string
+  tags:
+    - prepare
+
+- name: create random file
+  shell: mktemp /tmp/id_rsa.XXXXXX
+  register: sshkey
+  tags:
+    - prepare
+
+- name: generate sshkey
+  shell: echo 'y' | ssh-keygen -P '' -f {{sshkey.stdout}}
+  tags:
+    - prepare
+
+- name: record key_material
+  command: cat {{sshkey.stdout}}.pub
+  register: key_material
+  tags:
+    - prepare
+
+- name: record fingerprint
+  shell: ssh-keygen -lf {{sshkey.stdout}}.pub | awk '{print $2}'
+  register: fingerprint
+  tags:
+    - prepare
+
+- name: set facts for future roles
+  set_fact:
+    random_string: '{{random_string.stdout}}'
+    sshkey: '{{sshkey.stdout}}'
+    key_material: '{{key_material.stdout}}'
+    fingerprint: '{{fingerprint.stdout}}'
+  tags:
+    - prepare

test/integration/roles/test_ec2/README.md

@@ -0,0 +1,38 @@
+Role Name
+========
+
+A brief description of the role goes here.
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+
+Example Playbook
+-------------------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).

test/integration/roles/test_ec2/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for test_ec2

test/integration/roles/test_ec2/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for test_ec2

test/integration/roles/test_ec2/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies: 
+  - prepare_tests
+

test/integration/roles/test_ec2/tasks/main.yml

@@ -0,0 +1,2 @@
+---
+# tasks file for test_ec2

test/integration/roles/test_ec2/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for test_ec2

test/integration/roles/test_ec2_ami/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for test_ec2_ami

test/integration/roles/test_ec2_ami/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies: 
+  - prepare_tests
+

test/integration/roles/test_ec2_ami/tasks/main.yml

@@ -0,0 +1,2 @@
+---
+# tasks file for test_ec2_ami

test/integration/roles/test_ec2_ami/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for test_ec2_ami

test/integration/roles/test_ec2_eip/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for test_ec2_eip

test/integration/roles/test_ec2_eip/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies: 
+  - prepare_tests
+

test/integration/roles/test_ec2_eip/tasks/main.yml

@@ -0,0 +1,2 @@
+---
+# tasks file for test_ec2_eip

test/integration/roles/test_ec2_eip/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for test_ec2_eip

test/integration/roles/test_ec2_elb/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for test_ec2_elb

test/integration/roles/test_ec2_elb/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies: 
+  - prepare_tests
+

test/integration/roles/test_ec2_elb/tasks/main.yml

@@ -0,0 +1,2 @@
+---
+# tasks file for test_ec2_elb

test/integration/roles/test_ec2_elb/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for test_ec2_elb

test/integration/roles/test_ec2_elb_lb/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for test_ec2_elb_lb

test/integration/roles/test_ec2_elb_lb/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies: 
+  - prepare_tests
+

test/integration/roles/test_ec2_elb_lb/tasks/main.yml

@@ -0,0 +1,2 @@
+---
+# tasks file for test_ec2_elb_lb

test/integration/roles/test_ec2_elb_lb/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for test_ec2_elb_lb

test/integration/roles/test_ec2_facts/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for test_ec2_facts

test/integration/roles/test_ec2_facts/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies: 
+  - prepare_tests
+

test/integration/roles/test_ec2_facts/tasks/main.yml

@@ -0,0 +1,2 @@
+---
+# tasks file for test_ec2_facts

test/integration/roles/test_ec2_facts/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for test_ec2_facts

test/integration/roles/test_ec2_group/defaults/main.yml

@@ -0,0 +1,5 @@
+---
+# defaults file for test_ec2_group
+ec2_group_name: 'ansible-testing-{{ random_string }}'
+ec2_group_description: 'Created by ansible integration tests'
+

test/integration/roles/test_ec2_group/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies:
+  - prepare_tests
+  - setup_ec2

test/integration/roles/test_ec2_group/tasks/main.yml

@@ -0,0 +1,250 @@
+---
+# A Note about ec2 environment variable name preference:
+#  - EC2_URL -> AWS_URL
+#  - EC2_ACCESS_KEY -> AWS_ACCESS_KEY_ID -> AWS_ACCESS_KEY
+#  - EC2_SECRET_KEY -> AWS_SECRET_ACCESS_KEY -> AWX_SECRET_KEY
+#  - EC2_REGION -> AWS_REGION
+#
+
+# - include: ../../setup_ec2/tasks/common.yml module_name=ec2_group
+
+# ============================================================
+- name: test failure with no parameters
+  ec2_group:
+  register: result
+  ignore_errors: true
+
+- name: assert failure with no parameters
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg == "missing required arguments: description,name"'
+
+# ============================================================
+- name: test failure with only name
+  ec2_group:
+    name='{{ec2_group_name}}'
+  register: result
+  ignore_errors: true
+
+- name: assert failure with only name
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg == "missing required arguments: description"'
+
+# ============================================================
+- name: test failure with only description
+  ec2_group:
+    description='{{ec2_group_description}}'
+  register: result
+  ignore_errors: true
+
+- name: assert failure with only description
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg == "missing required arguments: name"'
+
+# ============================================================
+- name: test invalid region parameter
+  ec2_group:
+    name='{{ec2_group_name}}'
+    description='{{ec2_group_description}}'
+    region='asdf querty 1234'
+  register: result
+  ignore_errors: true
+
+- name: assert invalid region parameter
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg.startswith("value of region must be one of:")'
+
+# ============================================================
+- name: test valid region parameter
+  ec2_group:
+    name='{{ec2_group_name}}'
+    description='{{ec2_group_description}}'
+    region='{{ec2_region}}'
+  register: result
+  ignore_errors: true
+
+- name: assert valid region parameter
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg.startswith("No handler was ready to authenticate.")'
+
+# ============================================================
+- name: test environment variable EC2_REGION
+  ec2_group:
+    name='{{ec2_group_name}}'
+    description='{{ec2_group_description}}'
+  environment:
+    EC2_REGION: '{{ec2_region}}'
+  register: result
+  ignore_errors: true
+
+- name: assert environment variable EC2_REGION
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg.startswith("No handler was ready to authenticate.")'
+
+# ============================================================
+- name: test invalid ec2_url parameter
+  ec2_group:
+    name='{{ec2_group_name}}'
+    description='{{ec2_group_description}}'
+  environment:
+    EC2_URL: bogus.example.com
+  register: result
+  ignore_errors: true
+
+- name: assert invalid ec2_url parameter
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg.startswith("No handler was ready to authenticate.")'
+
+# ============================================================
+- name: test valid ec2_url parameter
+  ec2_group:
+    name='{{ec2_group_name}}'
+    description='{{ec2_group_description}}'
+  environment:
+    EC2_URL: '{{ec2_url}}'
+  register: result
+  ignore_errors: true
+
+- name: assert valid ec2_url parameter
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg.startswith("No handler was ready to authenticate.")'
+
+# ============================================================
+- name: test credentials from environment
+  ec2_group:
+    name='{{ec2_group_name}}'
+    description='{{ec2_group_description}}'
+  environment:
+    EC2_REGION: '{{ec2_region}}'
+    EC2_ACCESS_KEY: bogus_access_key
+    EC2_SECRET_KEY: bogus_secret_key
+  register: result
+  ignore_errors: true
+
+- name: assert ec2_group with valid ec2_url
+  assert:
+    that:
+       - 'result.failed'
+       - '"EC2ResponseError: 401 Unauthorized" in result.msg'
+
+# ============================================================
+- name: test credential parameters
+  ec2_group:
+    name='{{ec2_group_name}}'
+    description='{{ec2_group_description}}'
+    ec2_region='{{ec2_region}}'
+    ec2_access_key='bogus_access_key'
+    ec2_secret_key='bogus_secret_key'
+  register: result
+  ignore_errors: true
+
+- name: assert credential parameters
+  assert:
+    that:
+       - 'result.failed'
+       - '"EC2ResponseError: 401 Unauthorized" in result.msg'
+
+# ============================================================
+- name: test state=absent
+  ec2_group:
+    name='{{ec2_group_name}}'
+    description='{{ec2_group_description}}'
+    ec2_region='{{ec2_region}}'
+    ec2_access_key='{{ec2_access_key}}'
+    ec2_secret_key='{{ec2_secret_key}}'
+    state=absent
+  register: result
+
+- name: assert state=absent
+  assert:
+    that:
+       - '"failed" not in result'
+
+# ============================================================
+- name: test state=present (expected changed=true)
+  ec2_group:
+    name='{{ec2_group_name}}'
+    description='{{ec2_group_description}}'
+    ec2_region='{{ec2_region}}'
+    ec2_access_key='{{ec2_access_key}}'
+    ec2_secret_key='{{ec2_secret_key}}'
+    state=present
+  register: result
+
+- name: assert state=present (expected changed=true)
+  assert:
+    that:
+       - 'result.changed'
+       - 'result.group_id.startswith("sg-")'
+       - 'result.item == ""'
+
+# ============================================================
+- name: test state=present (expected changed=false)
+  ec2_group:
+    name='{{ec2_group_name}}'
+    description='{{ec2_group_description}}'
+    ec2_region='{{ec2_region}}'
+    ec2_access_key='{{ec2_access_key}}'
+    ec2_secret_key='{{ec2_secret_key}}'
+    state=present
+  register: result
+
+- name: assert state=present (expected changed=false)
+  assert:
+    that:
+       - 'not result.changed'
+       - 'result.group_id.startswith("sg-")'
+       - 'result.item == ""'
+
+# ============================================================
+- name: test state=absent (expected changed=true)
+  ec2_group:
+    name='{{ec2_group_name}}'
+    description='{{ec2_group_description}}'
+    state=absent
+  environment:
+    EC2_REGION: '{{ec2_region}}'
+    EC2_ACCESS_KEY: '{{ec2_access_key}}'
+    EC2_SECRET_KEY: '{{ec2_secret_key}}'
+  register: result
+
+- name: assert state=absent (expected changed=true)
+  assert:
+    that:
+       - 'result.changed'
+       - 'not result.group_id'
+       - 'result.item == ""'
+
+# ============================================================
+- name: test state=absent (expected changed=false)
+  ec2_group:
+    name='{{ec2_group_name}}'
+    description='{{ec2_group_description}}'
+    state=absent
+  environment:
+    EC2_REGION: '{{ec2_region}}'
+    EC2_ACCESS_KEY: '{{ec2_access_key}}'
+    EC2_SECRET_KEY: '{{ec2_secret_key}}'
+  register: result
+
+- name: assert state=absent (expected changed=false)
+  assert:
+    that:
+       - 'not result.changed'
+       - 'not result.group_id'
+       - 'result.item == ""'

test/integration/roles/test_ec2_key/defaults/main.yml

@@ -0,0 +1,3 @@
+---
+# defaults file for test_ec2_key
+ec2_key_name: 'ansible-testing-{{ random_string }}'

test/integration/roles/test_ec2_key/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies:
+  - prepare_tests
+  - setup_ec2

test/integration/roles/test_ec2_key/tasks/main.yml

@@ -0,0 +1,337 @@
+---
+# A Note about ec2 environment variable name preference:
+#  - EC2_URL -> AWS_URL
+#  - EC2_ACCESS_KEY -> AWS_ACCESS_KEY_ID -> AWS_ACCESS_KEY
+#  - EC2_SECRET_KEY -> AWS_SECRET_ACCESS_KEY -> AWX_SECRET_KEY
+#  - EC2_REGION -> AWS_REGION
+#
+# TODO - name: test 'region' parameter
+# TODO - name: test 'state=absent' parameter for existing key
+# TODO - name: test 'state=absent' parameter for missing key
+# TODO - name: test 'validate_certs' parameter
+
+# ============================================================
+# - include: ../../setup_ec2/tasks/common.yml module_name=ec2_key
+
+# ============================================================
+- name: test with no parameters
+  ec2_key:
+  register: result
+  ignore_errors: true
+
+- name: assert failure when called with no parameters
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg == "missing required arguments: name"'
+
+# ============================================================
+- name: test with only name
+  ec2_key:
+    name={{ec2_key_name}}
+  register: result
+  ignore_errors: true
+
+- name: assert failure when called with only 'name'
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg == "Either region or ec2_url must be specified"'
+
+# ============================================================
+- name: test invalid region parameter
+  ec2_key:
+    name={{ec2_key_name}}
+    region='asdf querty 1234'
+  register: result
+  ignore_errors: true
+
+- name: assert invalid region parameter
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg.startswith("value of region must be one of:")'
+
+# ============================================================
+- name: test valid region parameter
+  ec2_key:
+    name={{ec2_key_name}}
+    region={{ec2_region}}
+  register: result
+  ignore_errors: true
+
+- name: assert valid region parameter
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg.startswith("No handler was ready to authenticate.")'
+
+# ============================================================
+- name: test environment variable EC2_REGION
+  ec2_key:
+    name={{ec2_key_name}}
+  environment:
+    EC2_REGION: '{{ec2_region}}'
+  register: result
+  ignore_errors: true
+
+- name: assert environment variable EC2_REGION
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg.startswith("No handler was ready to authenticate.")'
+
+# ============================================================
+- name: test invalid ec2_url parameter
+  ec2_key:
+    name={{ec2_key_name}}
+  environment:
+    EC2_URL: bogus.example.com
+  register: result
+  ignore_errors: true
+
+- name: assert invalid ec2_url parameter
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg.startswith("No handler was ready to authenticate.")'
+
+# ============================================================
+- name: test valid ec2_url parameter
+  ec2_key:
+    name={{ec2_key_name}}
+  environment:
+    EC2_URL: '{{ec2_url}}'
+  register: result
+  ignore_errors: true
+
+- name: assert valid ec2_url parameter
+  assert:
+    that:
+       - 'result.failed'
+       - 'result.msg.startswith("No handler was ready to authenticate.")'
+
+# ============================================================
+- name: test credentials from environment
+  ec2_key:
+    name={{ec2_key_name}}
+  environment:
+    EC2_REGION: '{{ec2_region}}'
+    EC2_ACCESS_KEY: bogus_access_key
+    EC2_SECRET_KEY: bogus_secret_key
+  register: result
+  ignore_errors: true
+
+- name: assert ec2_key with valid ec2_url
+  assert:
+    that:
+       - 'result.failed'
+       - '"EC2ResponseError: 401 Unauthorized" in result.msg'
+
+# ============================================================
+- name: test credential parameters
+  ec2_key:
+    name={{ec2_key_name}}
+    ec2_region={{ec2_region}}
+    ec2_access_key=bogus_access_key
+    ec2_secret_key=bogus_secret_key
+  register: result
+  ignore_errors: true
+
+- name: assert credential parameters
+  assert:
+    that:
+       - 'result.failed'
+       - '"EC2ResponseError: 401 Unauthorized" in result.msg'
+
+# ============================================================
+- name: test state=absent with key_material
+  ec2_key:
+    name='{{ec2_key_name}}'
+    ec2_region={{ec2_region}}
+    ec2_access_key={{ec2_access_key}}
+    ec2_secret_key={{ec2_secret_key}}
+    state=absent
+  register: result
+
+- name: assert state=absent with key_material
+  assert:
+    that:
+       - '"failed" not in result'
+
+# ============================================================
+- name: test state=present without key_material
+  ec2_key:
+    name='{{ec2_key_name}}'
+    ec2_region={{ec2_region}}
+    ec2_access_key={{ec2_access_key}}
+    ec2_secret_key={{ec2_secret_key}}
+    state=present
+  register: result
+
+- name: assert state=present without key_material
+  assert:
+    that:
+       - 'result.changed'
+       - '"failed" not in result'
+       - '"key" in result'
+       - '"name" in result.key'
+       - '"fingerprint" in result.key'
+       - '"private_key" in result.key'
+       - 'result.key.name == "{{ec2_key_name}}"'
+
+# ============================================================
+- name: test state=absent without key_material
+  ec2_key:
+    name='{{ec2_key_name}}'
+    state=absent
+  environment:
+    EC2_REGION: '{{ec2_region}}'
+    EC2_ACCESS_KEY: '{{ec2_access_key}}'
+    EC2_SECRET_KEY: '{{ec2_secret_key}}'
+  register: result
+
+- name: assert state=absent without key_material
+  assert:
+    that:
+       - 'result.changed'
+       - '"failed" not in result'
+       - '"key" in result'
+       - 'result.key == None'
+
+# ============================================================
+- name: test state=present with key_material
+  ec2_key:
+    name='{{ec2_key_name}}'
+    key_material='{{key_material}}'
+    state=present
+  environment:
+    EC2_REGION: '{{ec2_region}}'
+    EC2_ACCESS_KEY: '{{ec2_access_key}}'
+    EC2_SECRET_KEY: '{{ec2_secret_key}}'
+  register: result
+
+- name: assert state=present with key_material
+  assert:
+    that:
+       - '"failed" not in result'
+       - 'result.changed == True'
+       - '"key" in result'
+       - '"name" in result.key'
+       - 'result.key.name == "{{ec2_key_name}}"'
+       - '"fingerprint" in result.key'
+       - '"private_key" not in result.key'
+       # FIXME - why don't the fingerprints match?
+       # - 'result.key.fingerprint == "{{fingerprint}}"'
+
+# ============================================================
+- name: test state=absent with key_material
+  ec2_key:
+    name='{{ec2_key_name}}'
+    key_material='{{key_material}}'
+    ec2_region='{{ec2_region}}'
+    ec2_access_key='{{ec2_access_key}}'
+    ec2_secret_key='{{ec2_secret_key}}'
+    state=absent
+  register: result
+
+- name: assert state=absent with key_material
+  assert:
+    that:
+       - 'result.changed'
+       - '"failed" not in result'
+       - '"key" in result'
+       - 'result.key == None'
+
+# ============================================================
+- name: test state=present with key_material with_files (expect changed=true)
+  ec2_key:
+    name='{{ec2_key_name}}'
+    state=present
+    key_material='{{ item }}'
+  with_file: sshkey ~ '.pub'
+  environment:
+    EC2_REGION: '{{ec2_region}}'
+    EC2_ACCESS_KEY: '{{ec2_access_key}}'
+    EC2_SECRET_KEY: '{{ec2_secret_key}}'
+  register: result
+
+- name: assert state=present with key_material with_files (expect changed=true)
+  assert:
+    that:
+       - 'result.msg == "All items completed"'
+       - 'result.changed == True'
+       - '"results" in result'
+       - '"item" in result.results[0]'
+       - '"key" in result.results[0]'
+       - '"name" in result.results[0].key'
+       - 'result.results[0].key.name == "{{ec2_key_name}}"'
+       - '"fingerprint" in result.results[0].key'
+       - '"private_key" not in result.results[0].key'
+       # FIXME - why doesn't result.key.fingerprint == {{fingerprint}}
+       # - 'result.key.fingerprint == "{{fingerprint}}"'
+
+# ============================================================
+- name: test state=present with key_material with_files (expect changed=false)
+  ec2_key:
+    name='{{ec2_key_name}}'
+    state=present
+    key_material='{{ item }}'
+  with_file: sshkey ~ '.pub'
+  environment:
+    EC2_REGION: '{{ec2_region}}'
+    EC2_ACCESS_KEY: '{{ec2_access_key}}'
+    EC2_SECRET_KEY: '{{ec2_secret_key}}'
+  register: result
+
+- name: assert state=present with key_material with_files (expect changed=false)
+  assert:
+    that:
+       - 'result.msg == "All items completed"'
+       - 'not result.changed'
+       - '"results" in result'
+       - '"item" in result.results[0]'
+       - '"key" in result.results[0]'
+       - '"name" in result.results[0].key'
+       - 'result.results[0].key.name == "{{ec2_key_name}}"'
+       - '"fingerprint" in result.results[0].key'
+       - '"private_key" not in result.results[0].key'
+       # FIXME - why doesn't result.key.fingerprint == {{fingerprint}}
+       # - 'result.key.fingerprint == "{{fingerprint}}"'
+
+# ============================================================
+- name: test state=absent with key_material (expect changed=true)
+  ec2_key:
+    name='{{ec2_key_name}}'
+    ec2_region='{{ec2_region}}'
+    ec2_access_key='{{ec2_access_key}}'
+    ec2_secret_key='{{ec2_secret_key}}'
+    key_material='{{key_material}}'
+    state=absent
+  register: result
+
+- name: assert state=absent with key_material (expect changed=true)
+  assert:
+    that:
+       - 'result.changed'
+       - '"failed" not in result'
+       - '"key" in result'
+       - 'result.key == None'
+
+# ============================================================
+- name: test state=absent (expect changed=false)
+  ec2_key:
+    name='{{ec2_key_name}}'
+    ec2_region='{{ec2_region}}'
+    ec2_access_key='{{ec2_access_key}}'
+    ec2_secret_key='{{ec2_secret_key}}'
+    state=absent
+  register: result
+
+- name: assert state=absent with key_material (expect changed=false)
+  assert:
+    that:
+       - 'not result.changed'
+       - '"failed" not in result'
+       - '"key" in result'
+       - 'result.key == None'

test/integration/roles/test_ec2_tag/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for test_ec2_tag

test/integration/roles/test_ec2_tag/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies: 
+  - prepare_tests
+

test/integration/roles/test_ec2_tag/tasks/main.yml

@@ -0,0 +1,2 @@
+---
+# tasks file for test_ec2_tag

test/integration/roles/test_ec2_tag/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for test_ec2_tag

test/integration/roles/test_ec2_vol/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for test_ec2_vol

test/integration/roles/test_ec2_vol/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies: 
+  - prepare_tests
+

test/integration/roles/test_ec2_vol/tasks/main.yml

@@ -0,0 +1,2 @@
+---
+# tasks file for test_ec2_vol

test/integration/roles/test_ec2_vol/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for test_ec2_vol

test/integration/roles/test_ec2_vpc/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for test_ec2_vpc

test/integration/roles/test_ec2_vpc/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies: 
+  - prepare_tests
+

test/integration/roles/test_ec2_vpc/tasks/main.yml

@@ -0,0 +1,2 @@
+---
+# tasks file for test_ec2_vpc

test/integration/roles/test_ec2_vpc/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for test_ec2_vpc