allow use of jinja2 variables for ec2_group from_port/to_port params (#27145)

lib/ansible/modules/cloud/amazon/ec2_group.py

@@ -500,6 +500,9 @@ def serialize_group_grant(group_id, rule):
                   'FromPort': rule['from_port'],
                   'ToPort': rule['to_port'],
                   'UserIdGroupPairs': [{'GroupId': group_id}]}
+
+    convert_ports_to_int(permission)
+
     return permission
 
 
@@ -539,9 +542,18 @@ def serialize_ip_grant(rule, thisip, ethertype):
         permission.update({'IpRanges': [{'CidrIp': thisip}]})
     elif ethertype == "ipv6":
         permission.update({'Ipv6Ranges': [{'CidrIpv6': thisip}]})
+
+    convert_ports_to_int(permission)
+
     return permission
 
 
+def convert_ports_to_int(permission):
+    for key in ['FromPort', 'ToPort']:
+        if permission[key] is not None:
+            permission[key] = int(permission[key])
+
+
 def main():
     argument_spec = ec2_argument_spec()
     argument_spec.update(dict(

test/integration/targets/ec2_group/tasks/main.yml

@@ -350,6 +350,64 @@
           - result.ip_permissions[0].user_id_group_pairs or
             result.ip_permissions[1].user_id_group_pairs
 
+    # ============================================================
+    - name: test ip rules convert port numbers from string to int (expected changed=true)
+      ec2_group:
+        name: '{{ec2_group_name}}'
+        description: '{{ec2_group_description}}'
+        ec2_region: '{{ec2_region}}'
+        ec2_access_key: '{{ec2_access_key}}'
+        ec2_secret_key: '{{ec2_secret_key}}'
+        security_token: '{{security_token}}'
+        state: present
+        rules:
+        - proto: "tcp"
+          from_port: "8183"
+          to_port: "8183"
+          cidr_ipv6: "64:ff9b::/96"
+        rules_egress:
+        - proto: "tcp"
+          from_port: "8184"
+          to_port: "8184"
+          cidr_ipv6: "64:ff9b::/96"
+      register: result
+
+    - name: assert state=present (expected changed=true)
+      assert:
+        that:
+           - 'result.changed'
+           - 'result.group_id.startswith("sg-")'
+
+    # ============================================================
+    - name: test group rules convert port numbers from string to int (expected changed=true)
+      ec2_group:
+        name: '{{ec2_group_name}}'
+        description: '{{ec2_group_description}}'
+        ec2_region: '{{ec2_region}}'
+        ec2_access_key: '{{ec2_access_key}}'
+        ec2_secret_key: '{{ec2_secret_key}}'
+        security_token: '{{security_token}}'
+        state: present
+        rules:
+        - proto: "tcp"
+          from_port: "8185"
+          to_port: "8185"
+          group_id: "{{result.group_id}}"
+        rules_egress:
+        - proto: "tcp"
+          from_port: "8186"
+          to_port: "8186"
+          cidr_ipv6: "64:ff9b::/96"
+          group_id: "{{result.group_id}}"
+      register: result
+
+    - name: assert state=present (expected changed=true)
+      assert:
+        that:
+           - 'result.changed'
+           - 'result.group_id.startswith("sg-")'
+
+
     # ============================================================
     - name: test state=absent (expected changed=true)
       ec2_group: