---
  - name: Create security group
    ec2_group:
      name: "{{hostname}}"
      aws_access_key: "{{ec2_access_key}}"
      aws_secret_key: "{{ec2_secret_key}}"
      description: "A Security group"
      region: us-west-2
      rules:
        - proto: tcp
          from_port: 22
          to_port: 22
          cidr_ip: 0.0.0.0/0
        - proto: tcp
          from_port: 80
          to_port: 80
          cidr_ip: 0.0.0.0/0
        - proto: tcp
          from_port: 443
          to_port: 443
          cidr_ip: 0.0.0.0/0
      rules_egress:
        - proto: all
          cidr_ip: 0.0.0.0/0
    register: basic_firewall

  - name: Provision a set of instances
    ec2:
       key_name: ansible
       region: us-west-2
       group_id: "{{basic_firewall.group_id}}"
       instance_type: t2.small
       image: "ami-9abea4fb"
       aws_access_key: "{{ec2_access_key}}"
       aws_secret_key: "{{ec2_secret_key}}"
       wait: true
       exact_count: 1
       count_tag:
          Name: "{{hostname}}"
       instance_tags:
          Name: "{{hostname}}"
    register: ec2

  - name: Add all instance public IPs to host group
    add_host: hostname={{ item.public_ip }} groups=ec2hosts
    with_items: ec2.instances