Delete role before creating it again.

rhpds · Oct 8, 2024 · bdd2ff5 · bdd2ff5
1 parent d1940a5
commit bdd2ff5
Showing 1 changed file with 23 additions and 11 deletions.
diff --git a/playbooks/roles/infra-aws-sandbox/tasks/iam.yml b/playbooks/roles/infra-aws-sandbox/tasks/iam.yml
@@ -1,18 +1,30 @@
 ---
-- name: Delete IAM role Cloudformation stack
-  cloudformation:
-    profile: "{{ account_profile }}"
-    region: "{{ aws_region }}"
-    stack_name: roles
-    state: absent
-
 - name: Create IAM role using Cloudformation
   cloudformation:
     profile: "{{ account_profile }}"
     template_body: "{{ lookup('file', 'CF-IAM.json') }}"
     region: "{{ aws_region }}"
     stack_name: roles
-  register: _cfiamrole
-  until: _cfiamrole is succeeded
-  delay: 60
-  retries: 5
+  register: r_cf
+
+- when: r_cf is failed
+  block:
+    - name: Delete IAM role Cloudformation stack
+      cloudformation:
+        profile: "{{ account_profile }}"
+        region: "{{ aws_region }}"
+        stack_name: roles
+        state: absent
+
+    - name: Delete the config-rule-role role
+      iam_role:
+        profile: "{{ account_profile }}"
+        name: config-rule-role
+        state: absent
+
+    - name: Retry create IAM role using Cloudformation
+      cloudformation:
+        profile: "{{ account_profile }}"
+        template_body: "{{ lookup('file', 'CF-IAM.json') }}"
+        region: "{{ aws_region }}"
+        stack_name: roles