Ansible, right way to enable EPEL: yum_repository vs yum?

Neither solution worked for me on an a1.large instance running Amazon Linux 2 What I did was

- name: Ensure epel repo present
  yum:
    name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
    state: present

These are only examples in the documentation. Basically they do the exact same thing except that with the second, you have a trace of a yum package installed to enable the repo where in the first you only end up with the relevant .repo file.

I use the second option on most of my clients networks since they are very often using an internal mirror to save bandwidth and we have to use a custom url. But in this case you also have to deal with the gpg keys (download them locally or reference them by uri). You don't have to cope with that at all when using the rpm package to install the repo (and you get upgrades through yum if anything changes).

So installing through yum is the easiest. For best good practice, I would not blindly trust ansible documentation examples anyway, but rather the official EPEL site which is referencing installation through yum.