ec2_key: add a test for the force option (#32748)

* ec2_key: test force option

* ec2_key: changes requested via review comments

test/integration/targets/ec2_key/tasks/main.yml

@@ -5,9 +5,6 @@
 #  - EC2_SECRET_KEY -> AWS_SECRET_ACCESS_KEY -> AWX_SECRET_KEY
 #  - EC2_REGION -> AWS_REGION
 #
-# TODO - name: test 'region' parameter
-# TODO - name: test 'state=absent' parameter for existing key
-# TODO - name: test 'state=absent' parameter for missing key
 # TODO - name: test 'validate_certs' parameter
 
 # ============================================================
@@ -147,7 +144,7 @@
            - '"EC2ResponseError: 401 Unauthorized" in result.module_stderr'
 
     # ============================================================
-    - name: test state=absent with key_material
+    - name: test removing a non-existent keypair
       ec2_key:
         name='{{ec2_key_name}}'
         ec2_region={{ec2_region}}
@@ -296,6 +293,25 @@
            - '"private_key" not in result.results[0].key'
            - 'result.results[0].key.fingerprint == "{{fingerprint}}"'
 
+    # ============================================================
+
+    - name: test force=no with another_key_material (expect changed=false)
+      ec2_key:
+        name: '{{ ec2_key_name }}'
+        ec2_region: '{{ ec2_region }}'
+        ec2_access_key: '{{ ec2_access_key }}'
+        ec2_secret_key: '{{ ec2_secret_key }}'
+        security_token: '{{ security_token }}'
+        key_material: '{{ another_key_material }}'
+        force: no
+      register: result
+
+    - name: assert force=no with another_key_material (expect changed=false)
+      assert:
+        that:
+          - 'not result.changed'
+          - 'result.key.fingerprint == "{{ fingerprint }}"'
+
     # ============================================================
     - name: test state=absent with key_material (expect changed=true)
       ec2_key: