I’m not sure why this option didn’t exist to begin with but I certainly use it all the time.
I have the necessary changes over at GitHub - codezerk/ansible.
One thing to note here is that it will remove the default egress rule if not defined in the rules list, similar to the ingress rules.
Example:

- name: example ec2 group
  local_action:
    module: ec2_group
    name: example
    description: an example EC2 group
    vpc_id: 12345
    region: eu-west-1a
    ec2_secret_key: SECRET
    ec2_access_key: ACCESS
    rules:
      - proto: tcp
        from_port: 80
        to_port: 80
        cidr_ip: 0.0.0.0/0
        egress: yes  # <------------------ this will mark it as egress
      - proto: tcp
        from_port: 22
        to_port: 22
        cidr_ip: 10.0.0.0/8
      - proto: udp
        from_port: 10050
        to_port: 10050
        cidr_ip: 10.0.0.0/8
      - proto: udp
        from_port: 10051
        to_port: 10051
        group_id: sg-12345678
      - proto: all
        # the containing group name may be specified here
        group_name: example
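
The removal behaviour noted in the post (rules not in the list are dropped, including the default egress rule) can be modelled as a set difference per direction. This is an added sketch, not code from the patch or from Ansible; `plan`, `rule_key`, `outbound_after` and the tuple form of the default egress rule are assumptions made for illustration.

```python
# Added sketch: models the rule reconciliation the post describes.
# Not the patch's code; function names and tuple layout are assumptions.

# AWS gives a new VPC security group one allow-all outbound rule.
DEFAULT_EGRESS = ("all", None, None, "0.0.0.0/0")

def rule_key(rule):
    """Normalise a playbook rule dict to a comparable tuple."""
    target = rule.get("cidr_ip") or rule.get("group_id") or rule.get("group_name")
    return (rule["proto"], rule.get("from_port"), rule.get("to_port"), target)

def plan(desired_rules, current_ingress, current_egress):
    """Return the rules to authorize and revoke in each direction."""
    want_in = {rule_key(r) for r in desired_rules if not r.get("egress")}
    want_out = {rule_key(r) for r in desired_rules if r.get("egress")}
    return {
        "authorize_ingress": want_in - current_ingress,
        "revoke_ingress": current_ingress - want_in,
        "authorize_egress": want_out - current_egress,
        "revoke_egress": current_egress - want_out,
    }

# The rules list from the post (YAML "yes" loads as True).
POST_RULES = [
    {"proto": "tcp", "from_port": 80, "to_port": 80, "cidr_ip": "0.0.0.0/0", "egress": True},
    {"proto": "tcp", "from_port": 22, "to_port": 22, "cidr_ip": "10.0.0.0/8"},
    {"proto": "udp", "from_port": 10050, "to_port": 10050, "cidr_ip": "10.0.0.0/8"},
    {"proto": "udp", "from_port": 10051, "to_port": 10051, "group_id": "sg-12345678"},
    {"proto": "all", "group_name": "example"},
]

def outbound_after(desired_rules, current_egress):
    """Egress rules left on the group once the plan is applied."""
    p = plan(desired_rules, set(), current_egress)
    return (current_egress - p["revoke_egress"]) | p["authorize_egress"]

if __name__ == "__main__":
    fresh = {DEFAULT_EGRESS}  # constructed state: newly created VPC group
    print(plan(POST_RULES, set(), fresh))
    print(outbound_after(POST_RULES, fresh))
    # Ingress-only rule list: nothing outbound survives.
    print(outbound_after(POST_RULES[1:], fresh))
```

With the rules from the post, the group ends up allowing outbound tcp/80 only; an ingress-only list leaves it with no outbound rules at all, so allow-all egress has to be listed as an egress rule to survive.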